08-09-2022 06:26 AM
I'll preface this by saying I am sysadmin, not a network engineer but I have been given read-access to the ACO console so I can review the L3 drop/permit logs. I am looking for an automated way to export the logs so my co-workers can also see them. Has anyone implemented something similar?
Solved! Go to Solution.
08-10-2022 01:44 AM
Hi @Sean-M
Yes you can export the L2/L3 drop/permit logs using GET requests to their respective URIs:
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogDropL2Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogDropL3Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogPermitL2Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogPermitL3Pkt.json
Stay safe,
Sergiu
08-09-2022 06:42 AM - edited 08-09-2022 06:43 AM
you can use syslog. are you mean ACI as your product?
if it is, you can use log directive setting
08-10-2022 01:44 AM
Hi @Sean-M
Yes you can export the L2/L3 drop/permit logs using GET requests to their respective URIs:
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogDropL2Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogDropL3Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogPermitL2Pkt.json
https://{{APIC_IP}}/api/node/class/ndbgs/acllog/tn-{{TENANT_NAME}}/acllogPermitL3Pkt.json
Stay safe,
Sergiu
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide