Firewall logging (only dropped)

Previously I worked with IP-filter, now I getting started with Mikrotik FW Filter.
Because I thinking of IP-filter basis, I’m sure that I made a mistake.

I have a problem with a firewall logging, allowed traffic also inserted into the log.
I want to just dropped package is placed into the log.

Firewall filter:
chain=input action=drop connection-state=invalid
chain=input action=accept connection-state=established
chain=input action=accept connection-state=related
…other rules…
chain=input action=log log-prefix=“Dropped input”
chain=input action=drop

The same way for:
output
then:
forward…

Log rule:
topics=firewall action: FWlog (to disk)

What went wrong?

Any reply?

If your log rule matches your drop rule place it before the drop rule. You will also need to create a new logging rule (for the “firewall” topic) that will tell the system which action to take with the messages.

I.e. if you have a syslog server, create a new logging action that points to syslog. Then you will create the rule of topic “firewall” that points to the action that you just created for the syslog server.