Here is a script to extract the files involved in SME server hack attempts whenever a "File does not exist" error occurs:
EXTIP=`curl -s ifconfig.me/ip`
grep "File does not exist" /var/log/httpd/error_log | sed -e 's#\: /#\n#' | grep "home" | sort -u | sed -e "s#$EXTIP#\<IP\>#g" > dict_err.txt
# grep "File does not exist" /var/log/httpd/admin_error_log | sed -e 's#\: /#\n#' | grep "home" | sort -u | sed -e "s#$EXTIP#\<IP\>#g" > dict_admin_err.txt
Maybe someone can make a contrib package to filter common errors like the above.