Re: How to search all log files

Just thought I'd report my findings. I tried the following:

1) EventCombMT.exe - This is a Microsoft utility for viewing event logs across domain controllers. It didn't work for my purposes because we set Windows event logs to a minimal size since we forward them to the Kiwi syslog server.

2) WinGREP - It's an older freeware that allows searching of multiple files. Good search capabilities but it's slow based on the large number of log files we have. This is useful if there is something specific you have to search for which you haven't already created a rule and filter for in Kiwi Syslog Server. For some reason though, it deleted some of my log files, although I'm still trying to figure out how it works.

3) Create rule with specific filter - This is what worked for me. Based on the hints I got, I was able to set up a rule to filter for account lockout from all Domain Controllers and send it to a single log file that rotates when it reaches 20 MB. This allows for a quick and simple username search for all lockouts going as far back as you want in a manageable format.

4) Log to Database - I did not try this action within a rule as I'm not a SQL guy, so it's a bit more work than I wanted.
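As an added example (not from the post above or from Kiwi Syslog Server), here is one way to do the "username search across the rotating lockout log" from option 3 in Python. It assumes a tab-separated Kiwi line layout of date, time, priority, host, message and a rotated file set named lockouts*.log; the sample lines are constructed, not real log data.

```python
"""Search a rotating set of Kiwi-style lockout log files by username."""
import re
from collections import Counter
from datetime import datetime
from pathlib import Path

# Assumed Kiwi Syslog output layout: date TAB time TAB priority TAB host TAB message.
# Adjust LINE_RE if your rule's log action writes a different format.
LINE_RE = re.compile(r"^(?P<date>\S+)\t(?P<time>\S+)\t(?P<pri>\S+)\t(?P<host>\S+)\t(?P<msg>.*)$")
# Field labels as they appear in the Windows "account was locked out" audit message.
USER_RE = re.compile(r"Account Name:\s*(\S+)", re.IGNORECASE)
CALLER_RE = re.compile(r"Caller Computer Name:\s*(\S+)", re.IGNORECASE)

# Constructed sample lines (not real data), as the lockout rule would write them.
SAMPLE_LINES = [
    "2013-05-01\t09:14:02\tSecurity.Info\tDC01\tA user account was locked out. Account Name: jdoe Caller Computer Name: WS-117",
    "2013-05-01\t09:14:05\tSecurity.Info\tDC02\tA user account was locked out. Account Name: jdoe Caller Computer Name: WS-117",
    "2013-05-01\t11:30:44\tSecurity.Info\tDC01\tA user account was locked out. Account Name: asmith Caller Computer Name: LAPTOP-9",
    "2013-05-02\t08:01:10\tSecurity.Info\tDC03\tA user account was locked out. Account Name: JDOE Caller Computer Name: VPN-GW",
    "garbage line that does not match the expected layout",
]

def parse_lockouts(lines):
    """Yield (timestamp, dc, username, caller) for each line that is a lockout record."""
    for line in lines:
        m = LINE_RE.match(line.rstrip("\n"))
        if not m:
            continue  # not in the expected layout (partial write, rotation marker, etc.)
        user = USER_RE.search(m["msg"])
        if not user:
            continue  # matched the layout but is not a lockout message
        caller = CALLER_RE.search(m["msg"])
        ts = datetime.strptime(f"{m['date']} {m['time']}", "%Y-%m-%d %H:%M:%S")
        yield ts, m["host"], user.group(1).lower(), caller.group(1) if caller else "?"

def rotated_lines(directory, pattern="lockouts*.log"):
    """Read every file of the rotating set; chronological order is restored by timestamp later."""
    for path in sorted(Path(directory).glob(pattern)):
        with path.open(encoding="utf-8", errors="replace") as fh:
            yield from fh

def search_user(lines, username):
    """Return all lockout records for one account (case-insensitive), oldest first."""
    records = [r for r in parse_lockouts(lines) if r[2] == username.lower()]
    return sorted(records, key=lambda r: r[0])

def callers_for(lines, username):
    """Count which machines triggered the lockouts; one repeat offender is the usual root cause."""
    return Counter(r[3] for r in search_user(lines, username))

if __name__ == "__main__":
    for ts, dc, user, caller in search_user(SAMPLE_LINES, "jdoe"):
        print(ts, dc, user, caller)
    print(callers_for(SAMPLE_LINES, "jdoe"))
```

To run it against the real rotating set, pass `rotated_lines("C:/path/to/kiwi/logs")` instead of `SAMPLE_LINES`.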
