ACI APIC & Node – MOQuery / API Format Examples
A collection of examples for moquery, native REST API calls and other random commands. Little unstructured (sorry), at some point I will move to separate pages.
CLI - show system internal [epm|eltm|ethpm] epm: Endpoints eltm: VRF/VLAN configuration ethpm: Interfaces
REST API Examples
https://{{url}}/api/node/class/eventRecord.json?order-by=eventRecord.created|desc&page=0&page-size=100&query-target-filter=and(gt(eventRecord.created, "2018-06-19"))
https://{{url}}/api/class/fvRsPathAtt.json?query-target-filter=wcard(fvRsPathAtt.encap, "1.4.")
https://{{url}}/api/class/fvRsPathAtt.json?query-target-filter=wcard(fvRsPathAtt.encap, "[2-3]4.[7-8]")
/api/class/fvAEPg.json?rsp-subtree=children&query-target=subtree&query-target-filter=eq(fvRsPathAtt.encap, "vlan-1971")&target-subtree-class=fvAEPg
https://{{url}}/api/class/fvAEPg.json?query-target-filter=or(wcard(fvAEPg.dn,"tn-TEN_INT"),wcard(fvAEPg.dn,"tn-TEN_SHARED"))
Running Firmware
https://apic-ip-address/api/class/firmwareCtrlrFwStatusCont.json?
query-target=subtree&target-subtree-class=firmwareCtrlrRunning
def query_class(self, mo_class, query_target_filter=""):
'''
'''
# template
query = {
"description" : "",
# path (mo/uni/tn-TEN_INT/ap- ..) OR (class/fvTenant)
"path": "class/{0}".format(mo_class),
"filter": {
# Define the scope of a query - {self | children | subtree}
"query-target" : "",
# Respond-only elements including the specified class - 'class name'
"target-subtree-class" : "",
# Respond-only elements matching conditions - filter expressions
####"query-target-filter" : "or(wcard(fvAEPg.dn, 'tn-TEN_INT'), wcard(fvAEPg.dn, 'tn-TEN_SHARED'))",
"query-target-filter" : query_target_filter,
# Specifies child object level included in the response - {no | children | full}
"rsp-subtree" : "", # "children",
# Respond only specified classes - 'class name'
"rsp-subtree-class" : "", # "fvAEPg,fvRsPathAtt,fvRsDomAtt",
# Respond only classes matching conditions - filter expressions
"rsp-subtree-filter" : "",
# Request additional objects -{faults | health :stats :…}
"rsp-subtree-include" : "",
# Sort the response based on the property values - classname.property | {asc | desc}
"order-by" : ""
}
}
# query
response = self.apic.get(query)
return response['imdata']
Find the active APIC for VMM Communication
cat debug/div-apic-01-001/vmmmgr/comp/prov-VMware/ctrlr-[DVS_ACI_dvSwitch1]-OTN_VC/info/mo
Python Regex Search (Match All) EPG name from DN
re.search('epg-(.+?)(?=\/)', "uni/tn-TEN_INT/ap-AP_HOSTING/epg-EPG_VMOTION/rspathAtt-[topology/pod-2/paths-504/pathep-[eth1/1]]").group(1)
ISIS Adjacency Changes
fabric xxxx show isis adjacency detail vrf overlay-1
MOQuery Queries
Query Filter Types
wcard = * or .
target-subtree-class=fvAEPg,fvRsPathAtt
query-target-filter=eq("fvRsPathAtt.encap", "vlan-1971")
query-target=subtree&target-subtree-class=firmwareCtrlrRunning
User Query (User Delete Action)
moquery -c aaaModLR -f 'aaa.ModLR.user=="XXXXX" and aaa.ModLR.ind=="deletion"' | grep descr
User Query (User Actions on Date)
moquery -c aaaModLR -x 'query-target-filter=wcard(aaaModLR.created,"2016-02-22")' | egrep "user"
Bridge Domain Multicast addresses
moquery -c fvBD | grep 'name|bcastP'
Get Static Paths using mo filter to return full object
moquery -c fvRsPathAtt -f 'fv.RsPathAtt.encap=="vlan-23"'
Get the dn of the path for a switchport & switch
moquery -c fvAPathAtt | grep dn | grep 'eth1/47' | grep 202
moquery -c fvStPathAtt | grep dn | grep 'eth1/47' | grep 202
moquery -c fvDyPathAtt | grep dn | grep 'eth1/47' | grep 202
If the object names are prefixed - i.e. with EPG_
show vlan ext | grep Eth1/47 | grep EPG_
Find the BD an APP uses.
moquery -c fvBD -x rsp-subtree=children query-target=subtree -f 'fv.RtBd.tDn=="uni/tn-TEN_ONE/ap-APP_ONE/epg-EPG-V123"'
Get all subnets of a BD with ip and dn filter
moquery -c fvBD -x rsp-subtree=children query-target=subtree target-subtree-class=fvSubnet,fvRtBd | egrep '^ip|^dn'
Get the endpoint ip, mac, TEN, APP, EPG, VLAN
moquery -c fvCEp -x rsp-subtree=full -f 'fv.CEp.mac=="00:00:5e:01:01:d8"'
vsh_lc => show system internal epmc endpoint mac/ip
show system internal epm endpoint mac|ip
VLAN ID: PI-VLAN for EPG
VLAN VNID: VNID for EPG(VPAN)
BD VNID: VNID for BD
VRF VNID: VNID for VRF
Tunnel If & Interface: Interface this EP is learned on.
sclass: (Class/pcTag) EPG ID
Good References: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKACI-3545.pdf
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKACI-2641.pdf
Endpoint Retention Timers (Local EP)
(vsh_lc): show system internal epmc endpoint interface ethernet 1/1
BD Endpoint Retention Policy: Local Endpoint Aging Interval (sec): Default 900
When 75% of timer passed, fabric will send 3x ARP requests to host to refresh entries. Requires Subnet IP Configured in BD
if index : 0x1a000000 ::: name : Ethernet1/1
MAC : dca6.32a5.7d35 ::: Num IPs : 1
IP# 0 : 172.16.1.1
Vlan id : 12 ::: Vlan vnid : 8192 ::: BD vnid : 15761386
Encap vlan : 802.1Q/200
VRF name : TEN_MAIN:VRF_MAIN ::: VRF vnid : 2555904
phy if : 0x1a000000 ::: tunnel if : 0 ::: Interface : Ethernet1/1
Ref count : 5 ::: sclass : 16386
Timestamp : 01/01/1970 01:16:32.020000
::: Learns Src: EPM
EP Flags : local|IP|MAC|sclass|timer|
Aging: Timer-type : HT ::: Timeout-left : 58 ::: Hit-bit : Yes ::: Timer-reset count : 1
PD handles:
[L2]: Hdl : 0xd206 ::: Hit: Yes
[L3-0]: Hdl : 0xd20c ::: Hit: No ::: NH_ID : 0x80000006 ::: NH_Hdl : 0xd209 ::: FIB_ID : 0x0 ::: FIB_Hdl : 0x0
::::
Get a VMM VMWare Controller
moquery -d /comp/prov-VMware/ctrlr-[DVS_ACI_dvSwitch1]-ABC_VC
moquery -c infraPortBlk -f 'infra.PortBlk.dn*"INTP_LEAF_229"'
moquery -c fvRsPathAtt -f 'fv.RsPathAtt.dn*"pathep-[eth1/1]"' | grep dn | grep -E "243|244"
moquery -c fabricNode -x 'query-target-filter=eq(fabricNode.id,"211")'
Note: no spaces in the eq(..) or wcard(…), etc params block
BRIDGE DOMAIN moquery -c fvBD -f "fv.BD.name==\"BDname\"" EPG pcTag/sClass moquery -c fvAEPg -f 'fv.AEPg.pcTag=="xxxx"' VLAN (including PI [platform independant vlans]) show vlan extended show system internal eltmc info vlan brief ENDPOINT moquery -c fvCEp moquery -c fvCEp | grep x.x.x.x -A 10 -B 5 moquery -c fvCEp -f 'fv.CEp.name=="aa:bb:cc:dd:11:22:33:44"' moquery -c fvCEp -f 'fv.CEp.ip=="1.1.1.1"' moquery -c fvRsCEpToPathEp CONSUMED CONTRACT moquery -c vzBrCP PROVIDED CONTRACT moquery -c vzBrCP L3 OUT moquery -c l3extInstP moquery -c l3extDomP moquery -c actrl.PfxEntry moquery -c l3extSubnet FAULT moquery -c faultInst -f 'fault.Inst.code=="F0467"' moquery -c faultRecord -x order-by="faultRecord.created|desc" 'query-target-filter=wcard(faultRecord.created,"2017-12-1[2]")' >/home/admin/auditlog.txt TUNNEL INTERFACES moquery -c tunnelIf Infra VLAN ifconfig | grep bond0. TEP Pool moquery -c fabricSetupP | grep -E podId|tepPool" Multicast Pool moquery -c fvBD | grep -E "name|bcastP|dn" | grep -B 2 "infra"
Tunnel / Leaf Search =================================== acidiag fnvread / fnvreadex ID Pod ID Name Serial Number IP Address Role State LastUpdMsgId 103 1 leaf3 SAL10000003 10.0.184.64/32 leaf active 0 104 1 leaf4 SAL10000004 10.0.184.67/32 leaf active 0 For VPC Peer switches virtual address moquery -c vpcDom | egrep 'virtualIp|dn|#' show endpoint mac 0000.5555.2222 17/TK:VRF1 vxlan-15826915 0000.5555.2222 tunnel8 show interface tunnel 8 dst: [ip] (refer to acidiag fnvread | grep [ip]'
