diff --git a/artifacts/definitions/Linux/Forensics/Journal.yaml b/artifacts/definitions/Linux/Forensics/Journal.yaml
index ca1e5edc3d..32dcb7a867 100644
--- a/artifacts/definitions/Linux/Forensics/Journal.yaml
+++ b/artifacts/definitions/Linux/Forensics/Journal.yaml
@@ -38,3 +38,19 @@ sources:
 FROM parse_journald(filename=OSPath, start_time=DateAfter, end_time=DateBefore)
 })
+
+ notebook:
+ - type: vql_suggestion
+ name: Simplified syslog-like view
+ template: |
+ /*
+ # Simplified log view
+ */
+ LET ColumnTypes<=dict(`_ClientId`='client')
+
+ SELECT System.Timestamp AS Timestamp,
+ ClientId AS _ClientId,
+ client_info(client_id=ClientId).os_info.hostname AS Hostname,
+ EventData.SYSLOG_IDENTIFIER AS Unit,
+ EventData.MESSAGE AS Message
+ FROM source()
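Review bot: The `Hostname` column in the new notebook template is resolved through `client_info(client_id=ClientId).os_info.hostname` at notebook-evaluation time, so it shows the client's current server-side record rather than the host name that was recorded with the journal entry; for a forensic timeline that distinction matters when a host has been renamed or re-imaged, and the lookup presumably yields an empty value for a client that is no longer enrolled. If parse_journald exposes journald's `_HOSTNAME` trusted field inside EventData, that would be the event-time value and is worth preferring or showing alongside; otherwise the header comment should state which one this column represents. The `/* # Simplified log view */` header would also help readers more if it named what is flattened, e.g. `# Flattens journald rows to Timestamp, client, Hostname (current client record, not the journal's value), Unit (SYSLOG_IDENTIFIER) and Message`.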