In my Active Directory data I have this situation:

Subject:
    Security ID:        NT AUTHORITY\SYSTEM
    Account Name:       ADDC01
    Account Domain:     AD
    Logon ID:       0x3e7
Account That Was Locked Out:
    Security ID:        MyDomain\Lightning.McQueen
    Account Name:       lightning.mcqueen

I would like to extract ADDC01 into a different field name e.g. Server_Account so that I can isolate which are users and which are servers.

Any help would be greatly appreciated!