A suggestion.
The category of "Terminarion after authentication" in the intrusion detection menu, recommends adding the IP addresses to Xeams balcklist - why not include a button beside the address so it can be added to the blacklist. Just easier than cut & paste?
Andrew