Good afternoon,
I am working on a final project for my digital forensic applications class, and one portion is to examine a Linux server image for any sign of compromise attempt, attack vector, what was taken, etc. The system found is Ubuntu v12.04.3 Precise Pangolin. I have scoured the Apache error and access logs and have detected SQL injection, and traces of the PII that may have been taken.
I was looking in the syslog but am confused about whether there may be signs of brute force, or whether the log simply represents routine items. This is an excerpt:
Nov 13 22:07:26 VUbuntu anacron[23638]: Normal exit (1 job run)
Nov 13 22:07:31 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:08:39 dhclient: last message repeated 5 times
Nov 13 22:09:00 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:09:01 VUbuntu CRON[25333]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)
Nov 13 22:09:12 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:10:14 dhclient: last message repeated 5 times
Nov 13 22:11:22 dhclient: last message repeated 4 times
Nov 13 22:12:22 dhclient: last message repeated 5 times
Nov 13 22:13:22 dhclient: last message repeated 5 times
Nov 13 22:14:22 dhclient: last message repeated 4 times
Nov 13 22:15:23 dhclient: last message repeated 4 times
Nov 13 22:16:23 dhclient: last message repeated 3 times
Nov 13 22:17:01 dhclient: last message repeated 4 times
Upon searching the internet and various places, it was mentioned that a DHCPACK should at one point be returned. I do not see that here; could this be indicative of the attacker trying to gain access, as the time intervals are so frequent?
Thanks,
Jessica
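An added example, not part of the post above or of either reply: a small Python parser for this kind of syslog excerpt. It restores the repeat counts that rsyslog's "last message repeated N times" summaries compress, tallies the DHCP message types dhclient logged, and reports whether the client ever received a server answer. DHCPREQUEST is the message the client (dhclient on the imaged host) sends to confirm or renew its lease; DHCPOFFER, DHCPACK and DHCPNAK are the server's side of the exchange, so a run of DHCPREQUESTs with no DHCPACK means 192.168.1.1 never answered in this window. The embedded sample reproduces the excerpt with the colons the forum stripped from the timestamps and tags put back (an assumption about the original formatting), and the hostname on the repeat lines is left out exactly as posted. The second sample is a constructed set of sshd lines in the format written to /var/log/auth.log, included only to show what a password-guessing run looks like in contrast; it is not evidence from the image.

```python
"""Parse a sysklogd/rsyslog-style syslog excerpt, expand 'last message
repeated N times' summaries, and tally the DHCP client conversation."""
import re
from collections import Counter
from datetime import datetime
from typing import Iterator, List, NamedTuple, Optional

# Constructed sample: the excerpt from the post, with the colons the forum
# software stripped from the timestamps and syslog tags restored (assumed).
SYSLOG_EXCERPT = r"""
Nov 13 22:07:26 VUbuntu anacron[23638]: Normal exit (1 job run)
Nov 13 22:07:31 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:08:39 dhclient: last message repeated 5 times
Nov 13 22:09:00 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:09:01 VUbuntu CRON[25333]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)
Nov 13 22:09:12 VUbuntu dhclient: DHCPREQUEST of 192.168.1.3 on eth0 to 192.168.1.1 port 67
Nov 13 22:10:14 dhclient: last message repeated 5 times
Nov 13 22:11:22 dhclient: last message repeated 4 times
Nov 13 22:12:22 dhclient: last message repeated 5 times
Nov 13 22:13:22 dhclient: last message repeated 5 times
Nov 13 22:14:22 dhclient: last message repeated 4 times
Nov 13 22:15:23 dhclient: last message repeated 4 times
Nov 13 22:16:23 dhclient: last message repeated 3 times
Nov 13 22:17:01 dhclient: last message repeated 4 times
"""

# Constructed sample in the format sshd writes to /var/log/auth.log; this is
# what a password-guessing run looks like. It is NOT data from the image.
AUTH_SAMPLE = """\
Nov 13 22:10:02 VUbuntu sshd[25402]: Failed password for invalid user admin from 203.0.113.7 port 51822 ssh2
Nov 13 22:10:04 VUbuntu sshd[25402]: Failed password for invalid user admin from 203.0.113.7 port 51822 ssh2
Nov 13 22:10:05 VUbuntu sshd[25410]: Failed password for root from 203.0.113.7 port 51830 ssh2
Nov 13 22:10:07 VUbuntu sshd[25410]: Failed password for root from 203.0.113.7 port 51830 ssh2
Nov 13 22:10:09 VUbuntu sshd[25417]: Accepted password for root from 203.0.113.7 port 51841 ssh2
"""


class Event(NamedTuple):
    ts: datetime   # syslog timestamps carry no year; strptime leaves it at 1900
    host: str
    prog: str
    msg: str


LINE_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<rest>.*)$")
# The repeat summary may carry the original tag ("dhclient: last message ...")
# or, on a classic sysklogd box, no tag at all; the tag is therefore optional.
REPEAT_RE = re.compile(r"^(?:(?P<tag>[^\s:]+): )?last message repeated (?P<n>\d+) times$")
TAG_RE = re.compile(r"^(?P<prog>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")
DHCP_RE = re.compile(r"^(DHCP[A-Z]+)\b")
FAILED_RE = re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")


def parse_syslog(text: str) -> Iterator[Event]:
    """Yield one Event per logged occurrence, expanding repeat summaries.
    Repeated occurrences get the summary line's timestamp, because the
    individual times were never written to the log."""
    last: Optional[Event] = None
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # blank line or not a syslog line
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
        rep = REPEAT_RE.match(m["rest"])
        if rep:
            if last is None:
                continue  # excerpt starts mid-run; nothing to repeat
            for _ in range(int(rep["n"])):
                yield last._replace(ts=ts)
            continue
        tag = TAG_RE.match(m["rest"])
        prog, msg = (tag["prog"], tag["msg"]) if tag else ("?", m["rest"])
        last = Event(ts, m["host"], prog, msg)
        yield last


def dhcp_summary(events: List[Event]) -> dict:
    """Count dhclient message types and flag a client that never hears back."""
    kinds: Counter = Counter()
    times = []
    for e in events:
        m = DHCP_RE.match(e.msg) if e.prog == "dhclient" else None
        if m:
            kinds[m.group(1)] += 1
            times.append(e.ts)
    span = int((max(times) - min(times)).total_seconds()) if times else 0
    requests = kinds["DHCPREQUEST"]
    answers = kinds["DHCPOFFER"] + kinds["DHCPACK"] + kinds["DHCPNAK"]
    return {
        "kinds": dict(kinds),
        "span_seconds": span,
        "requests_per_minute": round(requests * 60 / span, 1) if span else 0.0,
        "unanswered": requests > 0 and answers == 0,
    }


def failed_logins_by_source(events: List[Event]) -> dict:
    """Count sshd password failures per source address (the brute-force signal)."""
    per_ip: Counter = Counter()
    for e in events:
        m = FAILED_RE.match(e.msg) if e.prog == "sshd" else None
        if m:
            per_ip[m["ip"]] += 1
    return dict(per_ip)


if __name__ == "__main__":
    dhcp = dhcp_summary(list(parse_syslog(SYSLOG_EXCERPT)))
    print("dhclient:", dhcp)
    print("sshd failures by source:", failed_logins_by_source(list(parse_syslog(AUTH_SAMPLE))))
```

Run as-is with `python3`: the excerpt expands to 42 DHCPREQUESTs over 570 seconds (about 4.4 per minute) and zero DHCPOFFER/DHCPACK/DHCPNAK, which is the client retrying against a server that is not answering, a common sight when an image is booted on a network without its original DHCP server. Those packets leave the host; they are not an inbound login attempt. On Ubuntu, failed and accepted logins are written by the auth facility to /var/log/auth.log rather than /var/log/syslog, and the same parser counts them as shown with the constructed sshd sample.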
Well, thanks anyway.
Hi,
I suggest you use RedLine for malware analysis. RedLine is open source, and you could analyze a memory dump to see whether there was any compromise or not.
Also, you could use Live View to boot up your Linux evidence file to do some live forensics to double-check any abnormal activities.
Rick