Get the last 20 IPs
tac jive-httpd-ssl-access.log | grep "POST /pm-post.jspa " | head -20
You may get for example often: 184.108.40.206
Check the access.log for other activities using the same IP range:
grep “^41.82.49.” jive-httpd-ssl-access.log | grep -v “220.127.116.11”
Use WHOIS (Google / Bing search for “whois 18.104.22.168”) and check the real IP range to be able to block the proper range. Redo the check for activities based on the new range.
Finally block the IP range if this is possible on /admin/settings-ban.jsp?type=1