Find strings like 'jon' or 'dave' in the security event log of the servers named DC01.OHOLICS.NET, DC03.OHOLICS.NET and DC03.OHOLICS.NET

LogParser-Servers-User.sql

SELECT * INTO C:\TEMP\Output\output.csv
FROM \\DC01.OHOLICS.NET\security;\\DC02.OHOLICS.NET\security;\\DC03.OHOLICS.NET\security
WHERE  TimeWritten > TIMESTAMP ( '2009-01-01 01:00:00', 'yyyy-MM-dd hh:mm:ss' ) AND SourceName = 'Microsoft-Windows-Security-Auditing' AND 
       ( Strings LIKE '%jon%' OR strings LIKE '%dave%')