GeoFencing is a policy that blocks all traffic based on Geography from the countries listed. The previous day’s syslog file is parsed. I could modify the code to add the path into the FNAME.
Russian Federation, China, Ukraine, Vietnam, Estonia, (Germany was removed), and Romania. I created a unique key, year, month, day, country_code and number of attacks. The Russian Federation is highly active each day.