We have a working application which uses Server session variables as a\nmeans to identify the user.\n\nMy boss want to start looking at the IIS logs to understand what our\nusers do. On our website we have occasional users and also customers\nfor which we have an ID. We would like to be able to link IIS log data\nto internal data via the customer ID, even when we know it is not the\n100% of our users.\n\nI'm not sure if I should replace the Session("CustomerID") for a\nMySession("CustomerID") that also writes a Cookie which will in turn\nbe logged in IIS. Or write the ASP.NET_SessionID along with our\nCustomerID to a table in the database. And if I do should I mess with\nthe current page inheritance or just make the call like\nMyLib.MySession(Me, "CustomerID") .\n\nFor security reasons I just don't want to use an ID returned from a\nbrowser.\n\nHas anybody dealt with this? Will sombody come forward and give a\nsuggestion? Please?