computer name,
(
(
month of it as two digits & "/" & day_of_month of it as two digits & "/" & year of it as string
)
of dates
(
local time zone
)
of times generated of it,
(
time of times
(
local time zone
)
of times generated of it
)
, concatenation of substrings separated by "%0d%0a" of
(
preceding text of first "%0d%0a" of following text of last "Account Name:%09%09" of it
)
of
(
descriptions of it
)
)
of records whose
(
event id of it = 4740 and now - time generated of it < 1*day
)
of
(
security event log
)
computer name, ((month of it as two digits & "/" & day_of_month of it as two digits & "/" & year of it as string) of dates (local time zone) of times generated of it, (time of times (local time zone) of times generated of it), concatenation of substrings separated by "%0d%0a" of (preceding text of first "%0d%0a" of following text of last "Account Name:%09%09" of it) of (descriptions of it)) of records whose (event id of it = 4740 and now - time generated of it < 1*day) of (security event log)
