With fail2ban (see here) is a solution available that is doing the blocking automatically.
True, but as we can use the same ID. So only the last one will be visible.
Not that long because my log file is basically empty on the productive instance.
Well, we need to assume that people who are exposing their systems to the wild know that they are doing. Especially when it comes down to securing the communication channel, the logging, and the access itself.
The warnings are not buried in the system logs. Home Assistant is keeping its own log file which makes it much more accessible than the classical approach of using /var/log/. For that we have the syslog notify platform that would allow to hook Home Assistant’s logging into the system’s one.