diff --git a/README.md b/README.md index 98e6ced..7c25746 100644 --- a/README.md +++ b/README.md @@ -11,9 +11,16 @@ On nodes themselves the utility allows you to grab logs from two different sourc - Messages file ### Journal -On nodes themselves the utility can grab logs from both the journal & messages files. +Using the journal source you have the ability to specify which units/services you want to look for an are able to specify time constraints "last X hours/minutes". Allows you to more accurately grab logs for a specific timeframe. -### Syslog Server -#### Syslog Node Logs -If you use a syslog server you can also remotely query logs from the log directories. +### Messages (not-implemented) +Depending on your setup (if you're using syslog or not) you may have logs output to a messages file `/var/log/messages` alongside to the journal on your device. This will usually keep logs for much longer as these files are also usually rotated as well meaning that logs will persist for longer than in the journal. + +This by default takes more manual work to filter by time, service name & etc, but allows for more logs to search through long-term. + +### Syslog Queue (not-implemented) +If using rsyslog to forward logs to a logserver, the service will queue up logs in `/var/spool/rsyslog/` which can also be searched if present + +## Syslog Server +Syslog servers aggregate logs from multiple clients in `/var/log/hosts/////messages` which can be searched for older logs
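Review bot: the added `## Syslog Server` line documents a path with empty segments, `/var/log/hosts/////messages`, so the placeholders between the slashes (hostname and date components, presumably) have been lost; spell them out explicitly inside the backticks (e.g. `/var/log/hosts/<hostname>/<year>/<month>/<day>/messages`, or whatever the server's template actually is) so a reader can map the directory layout to their rsyslog configuration, and wrap the placeholders in backticks or escape the angle brackets so markdown does not swallow them. Two smaller points in the same hunk: the `### Journal` paragraph reads "want to look for an are able to specify" and should be "and are able to specify", and the sentence fragment "Allows you to more accurately grab logs for a specific timeframe." needs a subject ("This allows you to..."). Finally, the `### Messages (not-implemented)` and `### Syslog Queue (not-implemented)` sections describe log sources the utility does not yet read; consider moving them under a "Planned" or "Roadmap" heading so the README does not imply that `/var/log/messages` and `/var/spool/rsyslog/` are searchable today.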