Making sense of firewall logs if one is new can be diffcult, I ran across this program about a year and a half ago. It is designed to work with Zone Labs firewall but one can if your firewall allows sorting into a plain text log work with other firewalls. I've used it on high end hardware / software firewall after setting up a proper log filtering. Anyway it's at http://zonelog.co.uk/ may want to take a look it helps sort things out like I said of you are starting if you do the emial report it will say what type of attack it was like say sub7java etc. Free trial and really not that high of a cost or maybe for others it will think of better ways to do it, I simply did not have the time to write something like this.
Yeah been some time since I posted here had other things to do like life, peace people.