I’ve always had the opinion that obfuscation does have value as long as there is no false sense of security…
The overall rule set and other measures need to be secure with or without it, but cutting the log volume by a few orders of magnitude make finding and dealing with real attempts much easier.
I also feel it probably encourages some potentially serious attempts to move on to the next IP, where if they got the first glimmer from the standard port they might come back and try harder.