diff --git a/virtcontainers/fc.go b/virtcontainers/fc.go
index 854029ccc6..c92e63e6cc 100644
--- a/virtcontainers/fc.go
+++ b/virtcontainers/fc.go
@@ -21,6 +21,7 @@ import (
 
 	httptransport "github.com/go-openapi/runtime/client"
 	"github.com/go-openapi/strfmt"
+	kataclient "github.com/kata-containers/agent/protocols/client"
 	persistapi "github.com/kata-containers/runtime/virtcontainers/persist/api"
 	"github.com/kata-containers/runtime/virtcontainers/pkg/firecracker/client"
 	models "github.com/kata-containers/runtime/virtcontainers/pkg/firecracker/client/models"
@@ -83,6 +84,9 @@ var fcKernelParams = append(commonVirtioblkKernelRootParams, []Param{
 	// Firecracker doesn't support ACPI
 	// Fix kernel error "ACPI BIOS Error (bug)"
 	{"acpi", "off"},
+
+	// Tell agent where to send the logs
+	{"agent.log_vport", fmt.Sprintf("%d", vSockLogsPort)},
 }...)
 
 func (s vmmState) String() string {
@@ -977,11 +981,8 @@ func (fc *firecracker) hotplugRemoveDevice(devInfo interface{}, devType deviceTy
 
 // getSandboxConsole builds the path of the console where we can read
 // logs coming from the sandbox.
-//
-// we can get logs from firecracker itself; WIP on enabling.  Who needs
-// logs when you're just hacking?
 func (fc *firecracker) getSandboxConsole(id string) (string, error) {
-	return "", nil
+	return fmt.Sprintf("%s://%s:%d", kataclient.HybridVSockScheme, filepath.Join(fc.jailerRoot, defaultHybridVSocketName), vSockLogsPort), nil
 }
 
 func (fc *firecracker) disconnect() {
diff --git a/virtcontainers/hypervisor.go b/virtcontainers/hypervisor.go
index 82ef895c0f..cdb2767a66 100644
--- a/virtcontainers/hypervisor.go
+++ b/virtcontainers/hypervisor.go
@@ -69,6 +69,10 @@ const (
 	// CAP_NET_BIND_SERVICE capability may bind to these port numbers.
 	vSockPort = 1024
 
+	// Port where the agent will send the logs. Logs are sent through the vsock in cases
+	// where the hypervisor has no console.sock, i.e firecracker
+	vSockLogsPort = 1025
+
 	// MinHypervisorMemory is the minimum memory required for a VM.
 	MinHypervisorMemory = 256
 )
diff --git a/virtcontainers/proxy.go b/virtcontainers/proxy.go
index b8cbfbf093..e4e26cdfdd 100644
--- a/virtcontainers/proxy.go
+++ b/virtcontainers/proxy.go
@@ -11,7 +11,9 @@ import (
 	"io"
 	"net"
 	"path/filepath"
+	"strings"
 
+	kataclient "github.com/kata-containers/agent/protocols/client"
 	"github.com/kata-containers/runtime/virtcontainers/store"
 	"github.com/sirupsen/logrus"
 )
@@ -241,7 +243,8 @@ func (p *proxyBuiltin) start(params proxyParams) (int, string, error) {
 
 	// For firecracker, it hasn't support the console watching and it's consoleURL
 	// will be set empty.
-	if params.debug && params.consoleURL != "" {
+	// TODO: add support for hybrid vsocks, see https://github.com/kata-containers/runtime/issues/2098
+	if params.debug && params.consoleURL != "" && !strings.HasPrefix(params.consoleURL, kataclient.HybridVSockScheme) {
 		err := p.watchConsole(buildinProxyConsoleProto, params.consoleURL, params.logger)
 		if err != nil {
 			p.sandboxID = ""