Yes, the usage is different when an extended ACL is applied to BGP updates.
access-list 101 permit ip 10.1.20.0 0.0.0.255 255.255.255.0 0.0.0.255
The first address here is 10.1.20.0 0.0.0.255. This will match on any of the following:
. . .
The second address here is 255.255.255.0 0.0.0.255. This will match on any of the following:
. . .
Therefore, that access-list will match any prefix that satisfies both the prefix and mask portion from above. As an example, the following prefixes match both the conditions and will be permitted:
Basically, you are matching on both the prefix and its mask when using extended ACLs.
If you want to know why you would use such an ACL, here's a question that would have the above ACL as an answer: permit all subnets of 10.1.20/24. The above will permit all such subnets, regardless of their length.
These are the paths to get to each CCX logs through CLI. They may be helpful if you are having issues accessing RTMT or downloading logs through it.
If you want to download them you have to prefix "file get " and you can add one of the options (re...