I am seeing system log errors which point to an attempted hack. It that a possible attack vector or can I ignore that?

It is an attack attempt but it’s not successful. So it’s safe to ignore unless you’re using a WAF higher up in your stack that should have caught the XSS attempt and you go about tuning the false negative there. 

Normal. There are plenty of attacks like this or the search engine.