1. - the ajax updates make quite heavy load on a database. When there's an administrator (1 person), it's quite ok, but when you'll put it available to a group of people.. it could be really hard. But you are right with the trends/stats. Maybe it should be specially restricted, or the update time in frontend would be bigger, or an update will manual.
2. - this is not technically possible. Because HTTP is based on a request/response. And you just see the actual requests. There's no way how to determine whether the user is "connected", like when using the TCP/IP sockets.