How to Query ACL Permit and Deny Logs

[the-modern-leo]

Looking to get information about how to perform these queries with Pyaci. There are some information in the article below at the end of the page titled "Viewing ACL Permit and Deny Logs Using the REST API"
Here

When running something like this:

result = apic.mit.polUni().fvTenant('Enterprise').GET(**options.subtreeClass('acllogPermitL3Pkt'))
I get an empty list.
To perform the same thing in Cobra ACI would be:
result = self.cobramd.lookupByClass('acllogPermitL3Pkt')

How would i perform this action in Pyaci?

Also how would i pass in an and filters?

Something like this:
result = apic.mit.GET(**options.subtreeClass('acllogPermitL3Pkt') & options.filter(filters.Wcard('acllogDropL3Pkt.dn', f"ndbgs/acllog/tn-{tenant}" filters.Wcard('acllogDropL3Pkt.destination') & filters.Wcard('acllogDropL3Pkt.srcIp','10.71.0.164')))

[sapshah-cisco]

result = apic.mit.polUni().fvTenant('Enterprise').GET(**options.subtreeClass('acllogPermitL3Pkt'))

will get only the acllogPermitL3Pkt only from the tenant Enterprise whereas the cobra example provided by you will query all acllogPermitL3Pkt within APIC.

To get the same results as cobra in pyaci, use the below example
result = apic.methods.ResolveClass('acllogPermitL3Pkt')

To answer your second question
result = apic.methods.ResolveClass('acllogPermitL3Pkt').GET(**options.filter(filters.Wcard('acllogDropL3Pkt.dn', f"ndbgs/acllog/tn-{tenant}" & filters.Wcard('acllogDropL3Pkt.destination',"SOMEVALUE") & filters.Wcard('acllogDropL3Pkt.srcIp',"10.71.0.164")))

which means you are querying all acllogPermitL3Pkt in APIC where the above criteria is matched.

If you want to query specific tenant use the same options in the below example.
apic.mit.polUni().fvTenant('Enterprise').GET(<options here>

[the-modern-leo]

I have attempted to use all the solutions provided above for getting packets, and my query is returning an empty list.
result = apic.methods.ResolveClass('acllogPermitL3Pkt').GET() result2 = apic.mit.polUni().fvTenant(tenant).GET(**options.subtreeClass('acllogPermitL3Pkt')) result3 = apic.methods.ResolveClass('acllogPermitL3Pkt').GET(**options.filter( filters.Wcard('acllogDropL3Pkt.dn', f"ndbgs/acllog/tn-{tenant}") & filters.Wcard('acllogDropL3Pkt.srcIp', "10.71.0.164"))) test = apic.mit.polUni().fvTenant(tenant).GET()

I believe i have found the issue for this:
While running through the code stack on this call line:
result = apic.methods.ResolveClass('acllogPermitL3Pkt').GET()
The Stack produces an error on this line:
` class ResolveClassMethod(Api):
def init(self, parentApi):
super(ResolveClassMethod, self).init(parentApi=parentApi)

@property
def _relativeUrl(self):
    return 'class/' + self._className <----------------------------------------------------

def __call__(self, className):
    self._className = className 
    return self

`
Error: 'ResolveClassMethod' object has no attribute '_className'

[sapshah-cisco]

What do you see in the stack trace? The query didn't fail for me but also didn't return anything because I don't have acllogPermitL3Pkt objects.

Also on the latest versions of apic, the pyaci meta is available at
http[s]://{{apic-host}}/acimeta/aci-meta.json

Can you check for other objects like fvTenant, fvAp as below and paste it here?
apic.methods.ResolveClass('fvTenant').GET()

You can also refer to examples here.
pyaci documentation