Bug
Resolution: Unresolved
Description of problem:
According to the command help [1], the "--target" option, when creating a security group log, should narrow the logging action down to a specific port.
I manually tested the following scenario using the CLI:
2 VMs using the same SG allowing ICMP, on the same compute, same network. I made a log object with the port of the second VM as target, pinged both using FIPs, and got all traffic to both VMs logged (test failure).
[1]
"""
$ openstack network log create --help
usage: openstack network log create ...
Create a new network log
positional arguments:
<name> Name for the network log
optional arguments:
...
--resource <resource>
Name or ID of resource (security group or firewall
group) that used for logging. You can control for
logging target combination with --target option.
--target <target> Port (name or ID) for logging. You can control for
logging target combination with --resource option.
...
"""
Version-Release number of selected component (if applicable):
RHOS-17.1-RHEL-9-20230607.n.2
How reproducible:
100% so far
Steps to Reproduce:
1. Recreate the same resources as in the scenario
2. Ping both VMs
3. Notice the common log file on the same hypervisor compute
Actual results:
Got all traffic to both VMs logged
Expected results:
Get only traffic to the second VM logged (targeted port)
Additional info:
I have a devnest with a reproducer in case further checks are needed.
Please contact me before use to avoid collisions.
tmux session on BM host (special key -> ctrl+x)
root@shark6.mobius.lab.eng.rdu2.redhat.com
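
A way to automate the check in step 3, as an added example that is not part of the original report: it classifies log lines by the fixed IP they mention and flags entries that belong only to a port other than the one passed to --target. The log line format, the IP addresses and the function names are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Dotted-quad candidates; ipaddress validates them below.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample: format and addresses are assumptions, not from the report.
SAMPLE_LOG = [
    "2023-06-20T10:00:01Z verdict=allow icmp nw_src=203.0.113.10 nw_dst=192.168.10.21",
    "2023-06-20T10:00:02Z verdict=allow icmp nw_src=203.0.113.10 nw_dst=192.168.10.22",
    "2023-06-20T10:00:03Z verdict=allow icmp nw_src=203.0.113.10 nw_dst=192.168.10.21",
    "2023-06-20T10:00:04Z verdict=allow icmp nw_src=203.0.113.10 nw_dst=192.168.10.22",
]


def classify_log(lines, target_ip, other_ips):
    """Return (counts, leaked): per-class line counts and the lines that
    mention a non-target port's fixed IP but not the target's."""
    target = ipaddress.ip_address(target_ip)
    others = {ipaddress.ip_address(ip) for ip in other_ips}
    counts, leaked = Counter(), []
    for line in lines:
        seen = set()
        for token in IPV4.findall(line):
            try:
                seen.add(ipaddress.ip_address(token))
            except ValueError:
                continue  # not a valid address, e.g. 999.1.1.1
        if target in seen:
            counts["target"] += 1  # expected: traffic of the --target port
        elif seen & others:
            counts["other"] += 1  # --target was not honoured for this line
            leaked.append(line)
        else:
            counts["unrelated"] += 1
    return counts, leaked


def target_is_honoured(lines, target_ip, other_ips):
    """True when no logged line belongs only to a non-target port."""
    return not classify_log(lines, target_ip, other_ips)[1]


if __name__ == "__main__":
    # VM2 (192.168.10.22) is the targeted port, VM1 (192.168.10.21) is not.
    counts, leaked = classify_log(SAMPLE_LOG, "192.168.10.22", ["192.168.10.21"])
    print(dict(counts))
    for line in leaked:
        print("unexpected:", line)
```

Run against the real log file, the fixed IPs of both ports replace the constructed ones; any line in `leaked` reproduces the reported behaviour.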