I am working with Splunk to set up logging for everything I need.
If you for some reason use UPnP, an app will open a port in your firewall.
I cannot see any way to log these rules.
For a normal NAT rule, you can go to Action, select Log and add a Log prefix.
Since these rules are not static, it has to be done in some other way.
Maybe it can be done using a script?
If there is no way to do it, I do suggest that MikroTik update
/ip upnp
and add the possibility to turn on logging for dynamic rules there.
Then all new dynamic rules will start logging.