I know that you can filter the display output of the logs but is there a
way to filter what *IS* logged. An example would be I don't need to
have all allowed traffic to a trusted network logged. I want to log
only allowed/denied traffic outside of trusted network. I also have
some vendor devices that need to constantly broadcast their state for
monitoring purposes. They are not on a trusted network for most of my
users but I would like to not even log that they are being denied.