Skip to main content
Every sandbox records captured output to disk so you can read it later, even after the sandbox stops or crashes. Use msb logs <name> from the CLI or logs() from the SDK.

Read logs

msb logs devbox
msb logs devbox --tail 100
msb logs devbox -f
msb logs devbox --grep ERROR
msb logs devbox --json | jq 'select(.s == "stderr")'
The default output includes user-program stdout, stderr, and PTY output. Add system diagnostics when you need runtime or kernel logs: 
msb logs devbox --source system
msb logs devbox --source all

Read from the SDK

let handle = Sandbox::get("web").await?;
let entries = handle.logs(&LogOptions::default())?;
Use log options to filter at read time: 
let recent = handle.logs(&LogOptions {
    tail: Some(50),
    sources: vec![LogSource::Stdout, LogSource::Stderr],
    ..Default::default()
})?;

Sources

SourceMeaning
stdoutCaptured from a non-interactive session’s stdout
stderrCaptured from a non-interactive session’s stderr
outputCaptured from a PTY session, where stdout and stderr are merged
systemLifecycle markers plus runtime and kernel diagnostics
Interactive sessions use a PTY, so stdout and stderr are merged before microsandbox receives them. Non-interactive exec calls keep the streams separate.

Diagnostic flows

Sandbox crashed 
msb ls
msb logs <name>
msb logs <name> --source system
Sandbox will not start 
msb create --name nope ...
msb logs nope --source system
Program produced no logs msb create only boots a sandbox. Run something with msb run, msb exec, or an SDK exec call to produce user-program output.

On disk

Sandbox logs live under <sandbox-dir>/logs/:
FileContents
exec.logUser-program output as JSON Lines
runtime.logSandbox runtime diagnostics
kernel.logGuest kernel and agent console output
boot-error.jsonStructured startup failure details, when boot fails early