WP Defender is just one of many security plugins out for WordPress that has a nice base feature set

Along with WP Defender’s features it has logging of pretty much any event that occurs on your WordPress website. The trouble is these log events can quickly fill up with brute force admin logins and 404 detections, even on websites with relatively modest traffic.

I always knew people with malicious intent were out there trying to do nefarious things, I knew this even before WordPress became popular with other CMSs like vBulletin and phpBB – seeing it ‘logged’ makes it feel much more real in some curious way.

Anyway, there is a solution, adding the below function to your theme’s function.php will curtail these logs to keep just 7 days (or whatever you want) rather than everything

 * Trim WP Defender Logs by 7 days
 * https://premium.wpmudev.org/forums/topic/wp-defender-log-size#post-1218705

add_filter( 'ip_lockout_logs_store_backward', function ( $interval ) {
	$interval = '-7 days';

	return $interval;
} );