diff --git a/config/acquis.yaml b/config/acquis.yaml
index cc3631f3e..69976b382 100644
--- a/config/acquis.yaml
+++ b/config/acquis.yaml
@@ -10,6 +10,12 @@ filenames:
  - /var/log/syslog
 labels:
   type: syslog
+--- 
+source: journalctl
+journalctl_filter:
+ - "_SYSTEMD_UNIT=ssh.service"
+labels:
+  type: syslog
 ---
 filename: /var/log/apache2/*.log
 labels: