Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Find strings like 'jon' or 'dave' in the security event log of the servers named DC01.OHOLICS.NET, DC03.OHOLICS.NET and DC03.OHOLICS.NET
SELECT * INTO C:\TEMP\Output\output.csv
FROM \\DC01.OHOLICS.NET\security;\\DC02.OHOLICS.NET\security;\\DC03.OHOLICS.NET\security
WHERE TimeWritten > TIMESTAMP ( '2009-01-01 01:00:00', 'yyyy-MM-dd hh:mm:ss' ) AND SourceName = 'Microsoft-Windows-Security-Auditing' AND
( Strings LIKE '%jon%' OR strings LIKE '%dave%')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment