No Audit to "Negate" of src/dst/svc when adding new rule
The negate in the GUI is translated into an attribute of the object. It is not an object by itself.
A new rule will describe in the created audit log, the fields added and not their attributes. So, for example, if we add service cpd marked as negate in a new rule it will only describe the service as "cpd".
When editing an existing rule, the audit will show "not in" (negate) as it looks for the differances between the rule before and after the change.