Confused on alert logging

Hello All,
I am using an AWS network firewall and have some problems there.

Rule order :Strict order
Default actions :Drop established and Alert established

Question 1) I only allow outgoing https for specify domains, and when I check the alert logs, I only see blocked connections and no allowed connections shown here. Even when I try many times to curl the URL, it success but no logs show.

Question 2) Supposing my rules only allowed the outgoing domain list, when I try to telnet the domain that is not in the domain list, it still succeeds, but if I use curl is no response.

any help will be appreciated

I would suggest reaching out to AWS support for this.