You can log blocked connection attempts by going to Firewall > Security Logs > Settings > Check relevant categories.
You need to check the log at a different place by going to System Monitoring > System Logging > Firewall Log.
Here is an example of the log entry with interpretations.
Red box: IN: in-bound interface, br-lan stands for bridged LAN (including 4 port switch, wireless APs, and coax). OUT: out-bound interface, eth1 stands for the WAN Ethernet interface.
Green underlined: MAC address of router (48:5d:36 is the OUI of Verizon Business).
Orange underlined: MAC address of device initiating connection (could be your IP camera).
SRC: source IP address
DST: destination IP address
TTL: time to live. A small number means the packet passed over too many routers. The packet likely comes from oversea sources.
PROTO: next encapsulation protocol. Could be TCP, UDP, ICMP, or even AH and ESP for VPN traffic.
SPT: source port.
DST: destination port. From the port number you can identify the application layer protocol such as HTTP/HTTPs, SSH, FTP, or even ISAKMP for IPsec VPN key exchange.
If you are too worried, you can even set up a Syslog server to receive the logs generated by G1100.