This is the report of the attacks made on my servers using the HTTP Server as vectors (mainly, trying to own a PHP installation! Did these guys from PHP solutions didn't learn? ).
The reports are consolidated by hits, and also from the last week, month, semester and year - so you can define your own thresholds about time and hits more easily. You can, by example, choose to block only IPs that were caught 75 times or more, with the last hit in the last month.