All PBX systems sitting on a public IP address will be incessantly hammered by automated hacking tools that scan every IPv4 address on the internet looking for vulnerable systems.
The official FreePBX Distro includes a software firewall that can limit access to only hosts you authorize (your trunking provider and your extensions).
Your cloud provider may have a hardware firewall between the internet and your PBX that you can configure.
Better than nothing, you can change the SIP ports to nonstandard values: In Asterisk SIP Settings, pjsip tab, change Port to Listen On from 5060 to e.g. 27146 (pick a random value between 20001 and 49999). On the chan_sip tab, change Bind Port from 5160 to a different random value. Restart Asterisk and you should now see very few of these errors. Of course, you will have to change your extensions to register to the new port. If using the fixed IP method for GoTrunk, you must specify the new port on their website.
The pastes you posted have only a few lines each. If your system is getting hammered, I would have expected hundreds or thousands of entries in the log. If you still have trouble, please paste the last few hundred lines of /var/log/asterisk/full (do so in a way that doesn’t result in escape sequences such as
" that do not appear in the actual log.