[hdevalence]

Note that the second point is quite important -- it provides a rolling hash of the journal contents that you can send to another machine, so that in the event of a break-in, you can detect any tampering with the syslogs. As I recall, this was inspired by the break-in to the kernel.org servers, where the attacker tampered with the log files. That would be impossible with journald.

[Sanddancer]

There are syslog daemons that can provide cryptographic security as well. Alternatively, they can also log directly to an SQL database, use SSL client certificates, etc. Modern syslog daemons are quite powerful.

[mateuszf]

Yeah, but journald works even on plain stdout, stderr. It's hard to beat that.