diff --git a/cmd/aa-log/main.go b/cmd/aa-log/main.go
index f7c484fd..0c16f5e4 100644
--- a/cmd/aa-log/main.go
+++ b/cmd/aa-log/main.go
@@ -31,6 +31,7 @@ Options:
 -s, --systemd Parse systemd logs from journalctl.
 -r, --rules Convert the log into AppArmor rules.
 -R, --raw Print the raw log without any formatting.
+ -S, --since DATE Show entries not older than the specified date.
 `
@@ -41,6 +42,7 @@ var (
 path string
 systemd bool
 raw bool
+ since string
 )
 func aaLog(logger string, path string, profile string) error {
@@ -51,7 +53,7 @@ func aaLog(logger string, path string, profile string) error {
 case "auditd":
 file, err = logs.GetAuditLogs(path)
 case "systemd":
- file, err = logs.GetJournalctlLogs(path, !slices.Contains(logs.LogFiles, path))
+ file, err = logs.GetJournalctlLogs(path, since, !slices.Contains(logs.LogFiles, path))
 default:
 err = fmt.Errorf("Logger %s not supported.", logger)
 }
diff --git a/pkg/logs/loggers.go b/pkg/logs/loggers.go
index 78abbd7a..53b3fbd3 100644
--- a/pkg/logs/loggers.go
+++ b/pkg/logs/loggers.go
@@ -63,9 +63,10 @@ func GetAuditLogs(path string) (io.Reader, error) {
 }
 // GetJournalctlLogs return a reader with the logs entries from Systemd
-func GetJournalctlLogs(path string, useFile bool) (io.Reader, error) {
+func GetJournalctlLogs(path string, since string, useFile bool) (io.Reader, error) {
 var logs []systemdLog
 var stdout bytes.Buffer
+ var stderr bytes.Buffer
 var scanner *bufio.Scanner
 if useFile {
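Review bot: In the `case "systemd":` branch `since` is now forwarded, but the `case "auditd":` branch two lines above still calls `logs.GetAuditLogs(path)` without it, so a `--since` value given together with the auditd logger is silently ignored and the user gets unfiltered output with no indication (assuming no earlier check in aaLog, whose body starts and ends outside this hunk, rejects the combination). Either reject it explicitly, `case "auditd": if since != "" { return fmt.Errorf("--since is only supported with the systemd logger") }`, or state in the usage text that `-S, --since` applies to systemd logs only. The existing `"Logger %s not supported."` message in the default branch also breaks the Go convention of lowercase, unpunctuated error strings; that line is unchanged here but worth fixing in the same pass.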
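Review bot: The doc comment `// GetJournalctlLogs return a reader with the logs entries from Systemd` was not updated although the signature gained a `since` parameter, so a caller has to read the body (which continues past this hunk) to learn what an empty value means. Suggest `// GetJournalctlLogs returns a reader over the systemd log entries. When useFile is false it runs journalctl; a non-empty since is passed through as journalctl's --since value, and an empty since selects the current boot (--boot) instead.` The comment should also say that since is handed to journalctl unvalidated, so its accepted date formats are journalctl's, not this package's.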
@@ -77,14 +78,20 @@ func GetJournalctlLogs(path string, useFile bool) (io.Reader, error) {
 } else {
 // journalctl -b -o json -g apparmor -t kernel -t audit -t dbus-daemon --output-fields=MESSAGE > systemd.log
 args := []string{
- "--boot", "--grep=apparmor",
- "--identifier=kernel", "--identifier=audit", "--identifier=dbus-daemon",
+ "--grep=apparmor", "--identifier=kernel",
+ "--identifier=audit", "--identifier=dbus-daemon",
 "--output=json", "--output-fields=MESSAGE",
 }
+ if since == "" {
+ args = append(args, "--boot")
+ } else {
+ args = append(args, "--since="+since)
+ }
 cmd := exec.Command("journalctl", args...)
 cmd.Stdout = &stdout
- if err := cmd.Run(); err != nil {
- return nil, err
+ cmd.Stderr = &stderr
+ if err := cmd.Run(); err != nil && stderr.Len() != 0 {
+ return nil, fmt.Errorf("journalctl: %s", stderr.String())
 }
 scanner = bufio.NewScanner(&stdout)
 }
diff --git a/pkg/logs/loggers_test.go b/pkg/logs/loggers_test.go
index d1a48534..7e0a6002 100644
--- a/pkg/logs/loggers_test.go
+++ b/pkg/logs/loggers_test.go
@@ -49,7 +49,7 @@ func TestGetJournalctlLogs(t *testing.T) {
 }
 for _, tt := range tests {
 t.Run(tt.name, func(t *testing.T) {
- reader, _ := GetJournalctlLogs(tt.path, tt.useFile)
+ reader, _ := GetJournalctlLogs(tt.path, "", tt.useFile)
 if got := New(reader, tt.name); !reflect.DeepEqual(got, tt.want) {
 t.Errorf("New() = %v, want %v", got, tt.want)
 }
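Review bot: The new condition `if err := cmd.Run(); err != nil && stderr.Len() != 0` swallows every failure in which journalctl writes nothing to stderr, including the exec error when the binary is missing or not executable; in those cases the function falls through to `bufio.NewScanner(&stdout)` on an empty buffer and returns no entries instead of an error, which is the wrong default for a log source used to derive AppArmor rules. The replacement message also discards `err` itself, so the exit status is lost and callers can no longer use errors.Is/As on the result. Keep the unconditional check and attach stderr as context: `if err := cmd.Run(); err != nil { return nil, fmt.Errorf("journalctl: %w: %s", err, bytes.TrimSpace(stderr.Bytes())) }`. Passing `since` as its own argv element via exec.Command means the value cannot break out into a shell, but it reaches journalctl unvalidated, so a malformed date is only reported through this error path — another reason not to drop it. GetJournalctlLogs starts before this hunk and ends after it.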