Logkeys are used in Samhain to allow you to verify the integrity of the logs. From what I remember, when the logging is restarted, a log key is generated. In this case, it sounds like you received some form of alert message and the logkey was provided to allow you to verify the authenticity of the alert. It would be prudent to investigate the alert and determine the source. More than likely, it is indicating that something uncommon happened, which could be a form of scan attempt or any number of things and I wouldn't take this to mean that you have been compromised. See
this link for some more information on the log key feature.
As an example of what I mean, this morning, I was reviewing the output of logwatch and noticed an entry for connect from in.comsat on 127.0.0.1 in the secure log. As I keep the SSH port closed off to all but my a few known IP addresses on the public interface, this really caught my attention. Doing some digging, showed that the time was at the same point that the ClamAV update process ran. Further digging showed that this is a daemon process involving mail and that it was an email being sent to the root@localhost user. It was a benign alert, but it caught my attention because it was out of the ordinary.