This indicates detection of an attempted brute force attack on SOAP.
The attack consists of multiple SOAP requests intended to uncover hidden methods, launched at a rate of about 200 times in 10 seconds.
Impact of a successful attack could vary, with the worse case being a system compromise.
Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.