Using snappy-debug.security scanlog I get the following error.
ERROR: '/var/log/syslog' does not exist. Aborting. Please choose another file with
--log-file or try redirecting journalctl. Eg:
ERROR: $ sudo journalctl --output=short --follow --all | sudo snappy-debug
sudo journalctl --output=short --follow --all | sudo snappy-debug seems to work fine as a workaround.
How do I report this issue?
You just did 
. FYI, these days you can simply use snappy-debug instead of snappy-debug.security scanlog.
Seriously though, what you are seeing is expected behavior on systems with only journald, like Arch.
What is happening is snappy-debug is trying to be useful on its own and defaults to /var/log/syslog on systems that have it and if not, displays that message (snappy-debug could look for other files in /var/log, but that doesn’t help Arch which only uses journald). snappy-debug cannot itself use journalctl from its runtime environment because the binary format for a particular version of systemd-journald is not guaranteed to be compatible with journalctls of different versions, so the journalctl in the snap’s runtime might be too old to parse the system’s binary logs. Similarly, snappy-debug cannot ship journalctl itself for the same reasons since it may not match the host journald version. What is theoretically possible is to try to use /var/lib/snapd/hostfs/bin/journalctl, which is something I’ve tried but found was brittle cross-distro. It’s on my todo to take another crack at hostfs and see if I can make it robust.
Thanks for the information. I guess I am surprised that the command cannot just get run for me from snappy-debug.