Continuing to work with your menu system.
Security scan option
This is a simple security scan of the logs. The menu item should look for several different kinds of key incidents and report them (just put them on the screen).
The incidents from the /var/log/messages file of interest are:
any ip which had a failed login and occurs more than 3 times. (use awk to parse the info lines)
any ip which is repeatedly trying to connect to different ports (port scan).
You may use any approach you like to detect these items and report them via the menu system.