Check this out this nice tool that allows you to analyze IIS logs and see if the ASP pages were victim of SQL Injection attack:

http://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=WSUS&ReleaseId=13436