I think from cmd line you can add rules like below to the predefined chains, which will log all and can be useful for debugging, then you can remove(this is not persistent, will not survive firewall restart or reboot):
iptables -I input_lan_rule 1 -m limit --limit 10/sec -m comment --comment "!lan in logging" -j LOG --log-prefix "LAN IN: "
iptables -I forwarding_lan_rule 1 -m limit --limit 10/sec -m comment --comment "!lan forward logging" -j LOG --log-prefix "LAN FORWARD: "
iptables -I output_lan_rule 1 -m limit --limit 10/sec -m comment --comment "!lan out logging" -j LOG --log-prefix "LAN OUT: "
In similar way you can add for other zones as well such as for “input_wan_rule” etc
And if you want it to be persistent add it at Luci - Firewall - Custom Rules tab.
Additionally Luci can add rules for logging rejected. So when you enable logging in Luci Firewall from certain zone(edit) it should log rejected packets for that zone. And general settings(at top) should have default policy “reject” for Input Output Forward.
Logging dropped is complicated, since Luci doesn’t do it automatically like above, you need to create new chains add logging rule, jump there from where needed. Actually default firewall drops only invalid and syn-flood(if detected), most is reject. So I don’t think you will need to log the dropped.