The default behaviour is that each site has it's own pair of log files at:
/var/log/nginx/example.com.access.log /var/log/nginx/example.com.error.log
My solution is to use the wp-fail2ban plugin which comes with it's own filter-file which you can add into the fail2ban filter folder. Then you can create a [wordpress] for all your sites in one place without worrying too much about logs. I don't know if this will suit your needs but I find this set up pretty flexible, I use a CDN and using custom actions for fail2ban I can block bots before they even reach my site.