@@ -95,7 +95,43 @@ View what your agent is accessing and whether requests are being blocked:
9595$ docker sandbox network log
9696```
9797
98- Network logs help you understand agent behavior and define policies.
98+ The network log shows aggregated summaries of HTTP/HTTPS network requests:
99+
100+ - ** Allowed requests** - Requests that were permitted by your network policy
101+ - ** Blocked requests** - Requests that were denied by your network policy
102+
103+ For each host accessed, the log shows:
104+
105+ - ** Sandbox** - Name of the sandbox making the request
106+ - ** Host** - The destination (hostname and port)
107+ - ** Rule** - The policy rule that matched this request (or ` <default policy> ` )
108+ - ** Last Seen** - When this host was most recently accessed
109+ - ** Count** - Number of requests to this host since tracking began
110+
111+ Use network logs to understand agent behavior, identify blocked requests that
112+ should be allowed, and debug network policy issues. The logs are especially
113+ helpful when defining policies - they show exactly what your agent is trying to
114+ access.
115+
116+ ### Example log output
117+
118+ ``` console
119+ $ docker sandbox network log
120+ Blocked requests:
121+ SANDBOX HOST RULE LAST SEEN COUNT
122+ my-sandbox internal.corp.com:443 <default policy> 14:30:15 12-Feb 3
123+ my-sandbox 192.168.1.100:22 <default policy> 14:25:10 12-Feb 1
124+
125+ Allowed requests:
126+ SANDBOX HOST RULE LAST SEEN COUNT
127+ my-sandbox api.anthropic.com:443 api.anthropic.com 14:35:21 12-Feb 15
128+ my-sandbox registry.npmjs.org:443 *.npmjs.org 14:32:18 12-Feb 8
129+ my-sandbox raw.githubusercontent.com:443 *.githubusercontent.com 14:30:45 12-Feb 2
130+ ```
131+
132+ The log displays both blocked and allowed requests in separate sections. Use
133+ ` --json ` for machine-readable output, ` --quiet ` to suppress headers, or
134+ ` --limit N ` to show only the first N entries.
99135
100136## Applying policies
101137
0 commit comments