While I haven't used that myself too much yet, if you know how to distinguish an error event you'd like to index from a non-error event you'd like to discard you can set up regex-based filtering in props.conf/transforms.conf like this:
props.conf
[your_sonicwall_sourcetype]
...
TRANSFORMS-filter = setnull,filter_for_errors
transforms.conf
[setnull]
REGEX = .
DEST_KEY = queue
FORMAT = nullQueue
[filter_for_errors]
REGEX = some regular expression identifying events you want to keep
DEST_KEY = queue
FORMAT = parsingQueue
