diff --git a/src/main.rs b/src/main.rs
index 15bad38..85e56be 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -78,6 +78,10 @@ struct SearchArgs {
     /// Text to search for in log lines
     #[arg(long)]
     query: String,
+
+    /// Include correlationId in output
+    #[arg(short = 'c', long = "correlation-id")]
+    correlation_id: bool,
 }
 
 fn parse_date(s: &str) -> Result<NaiveDate> {
@@ -90,9 +94,11 @@ fn main() -> Result<()> {
 
     match args.command {
         Command::Signature(sig_args) => run_signature(sig_args),
-        Command::Search(search_args) => {
-            search::run_search(search_args.file.to_str().unwrap(), &search_args.query)
-        }
+        Command::Search(search_args) => search::run_search(
+            search_args.file.to_str().unwrap(),
+            &search_args.query,
+            search_args.correlation_id,
+        ),
     }
 }
 
diff --git a/src/search.rs b/src/search.rs
index 68a51b2..daaff53 100644
--- a/src/search.rs
+++ b/src/search.rs
@@ -10,7 +10,10 @@ static SYSLOG_TIMESTAMP_RE: LazyLock<Regex> =
 
 static MSG_RE: LazyLock<Regex> = LazyLock::new(|| Regex::new(r#"msg="([^"]+)""#).unwrap());
 
-pub fn run_search(file_path: &str, query: &str) -> Result<()> {
+static CORRELATION_ID_RE: LazyLock<Regex> =
+    LazyLock::new(|| Regex::new(r"correlationId=([^,\s]+)").unwrap());
+
+pub fn run_search(file_path: &str, query: &str, show_correlation_id: bool) -> Result<()> {
     let mut reader = read_log_file(file_path)?;
     let mut line = String::new();
     let mut match_count = 0u64;
@@ -36,11 +39,21 @@ pub fn run_search(file_path: &str, query: &str) -> Result<()> {
             .captures(line_trimmed)
             .map(|c| c.get(1).unwrap().as_str());
 
-        match (timestamp, msg) {
-            (Some(ts), Some(m)) => println!("[{}] {}", ts, m),
-            (Some(ts), None) => println!("[{}] <no msg field>", ts),
-            (None, Some(m)) => println!("[?] {}", m),
-            (None, None) => println!("[?] <no msg field>"),
+        let corr_id = if show_correlation_id {
+            CORRELATION_ID_RE
+                .captures(line_trimmed)
+                .map(|c| c.get(1).unwrap().as_str())
+        } else {
+            None
+        };
+
+        let ts_part = timestamp.unwrap_or("?");
+        let msg_part = msg.unwrap_or("<no msg field>");
+
+        if let Some(cid) = corr_id {
+            println!("[{}] [{}] {}", ts_part, cid, msg_part);
+        } else {
+            println!("[{}] {}", ts_part, msg_part);
         }
 
         match_count += 1;