When creating a new packet filter policy, does it generate log messages for allowed traffic by default?

When creating a new packet filter policy, it does not generate log messages for allowed traffic by default. This behavior is designed to help network administrators manage log storage effectively since logging every allowed connection can result in large amounts of log data, making it challenging to identify important events or issues.

To enable logging for allowed traffic, administrators must explicitly configure the policy to log such events. This selective logging capability allows for more focused monitoring and analysis of traffic, particularly for traffic that is deemed suspicious or for which the administrator wants to gather more information. The default setting encourages a cleaner log management approach by only logging denied traffic unless specified otherwise.