How to enable logging in iptables.
If the last line in chain is to drop everything that does not match previous rules, then I assume one should add logging rule before this line in order to log only blocked requests.

sudo iptables -L --line-numbers
sudo iptables -I CHAIN(INPUT,OUTPUT,FORWARD) NUMBER(number of the chain line where is last drop rule shown using above command) -j LOG
sudo tail -f /var/log/messages

Yes, you are right. To log only blocked requests, you need to add a logging rule before the last "DROP" rule in the iptables chain.
List the iptables rules with line numbers, insert a new rule before the last "DROP" rule, save the new iptables rules, check the log file for iptables messages.