I was casually doing a security audit on my blog recently and decided to look a little deeper into my security logs. With a bit of Linux command line kung fu, some Golang, and Google Sheets, I was able to get a pretty good idea of where the attacks are coming from.
Based on the log file you have shown, a few more pieces of data that could be useful would be:
1- date of the attack;
2- time of the attack;
3- cross relate #2 (above) and city/country time zone to get their time of the attack;
4- try to acquire and parse keywords to represent the type/nature (?) of the attack (I know potato about sec…);
5- I guess ports would be useful too (again, I know potato…)
6- Dump it on a CSV and keep on exploring.
You could then try to find an attack pattern/behaviour (or just the statistics…) to deploy regular (time/period based) countermeasures or just strengthen against the most commonly attacked vector.
Sorry for the long answer!
PS: Just for the lolz, you could launch an attack against whoever is attacking you (based on #6), that would be fun in an I’ll-take-this-no-more kind of way, I guess…
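The fields from items 1, 2, 4, 5 and 6 of the list above, pulled out of sshd authentication failures and written as CSV. This is an added example, not code from the original post or its comments; the log layout (syslog plus OpenSSH messages), the sample lines, the kind labels and the names `ParseLine` and `safeCell` are assumptions.

```go
package main

import (
	"encoding/csv"
	"os"
	"regexp"
	"strings"
)

// Constructed sample; syslog + OpenSSH layout assumed, IPs from RFC 5737 documentation ranges.
const sample = `Jan 12 03:14:07 blog sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 52314 ssh2
Jan 12 03:14:09 blog sshd[811]: Failed password for root from 203.0.113.5 port 52320 ssh2
Jan 12 09:40:51 blog sshd[902]: Invalid user =1+1 from 198.51.100.23 port 40022
Jan 12 09:41:00 blog CRON[950]: pam_unix(cron:session): session opened for user root`

var eventRe = regexp.MustCompile(`^(\w{3}\s+\d+) (\d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: (Failed password for invalid user|Failed password for|Invalid user) (\S+) from (\S+) port (\d+)`)
var kinds = map[string]string{ // hypothetical labels for the "type of attack" column
	"Failed password for invalid user": "password-guess-unknown-user",
	"Failed password for":              "password-guess",
	"Invalid user":                     "user-probe",
}

// safeCell stops attacker-chosen text from being evaluated as a formula once the CSV is opened in a spreadsheet.
func safeCell(s string) string {
	if s != "" && strings.ContainsRune("=+-@", rune(s[0])) {
		return "'" + s
	}
	return s
}

// ParseLine returns date, time, kind, user, source IP, source port; nil for any other line.
func ParseLine(line string) []string {
	m := eventRe.FindStringSubmatch(line)
	if m == nil {
		return nil
	}
	return []string{m[1], m[2], kinds[m[3]], safeCell(m[4]), m[5], m[6]}
}

func main() {
	w := csv.NewWriter(os.Stdout)
	defer w.Flush()
	w.Write([]string{"date", "time", "kind", "user", "src_ip", "src_port"})
	for _, l := range strings.Split(sample, "\n") {
		if r := ParseLine(l); r != nil {
			w.Write(r)
		}
	}
}
```

The port in these messages is the client's source port, not the port of the service being hit. Item 3 (local time at the source) needs an IP geolocation database and is left out here.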