So far, I have a firewall that detects attacks and adds ip addresses to a list and then I block packets by that list.

The question here is, how would I go about scripting the actual log entries that triggered this listing in placing those entries into the comments field for that particular listing.

Being able to do this would greatly help us in tracking down abuse.