The first line instructs Elasticsearch to execute a "match" query. There are many different queries, and match is one of them. You can find information about the match query here:

The match query can be used to search for one or more terms in a specific field in your documents. In this case, Elasticsearch will search for the terms "LOCAL" or "SERVICE" in the field "event_data.SubjectUserName" of your documents.

All documents that contain either (or both) of these terms will be a match. Elasticsearch scores each document by how well it matches your query and, by default, returns the 10 documents with the highest scores.
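The either-or behaviour described above matters when the query is used for detection: a search for "LOCAL SERVICE" also returns "NETWORK SERVICE" events. The following is an added example, not code from the original page. It is a simplified local model of the match query, assuming the field is analyzed into lowercase word terms; the sample documents, the helper names, and the matched-term ranking are constructed for illustration and do not reproduce Elasticsearch's real relevance scoring.

```python
import re

# Constructed sample documents (not from the original page).
DOCS = [
    {"_id": "1", "event_data": {"SubjectUserName": "LOCAL SERVICE"}},
    {"_id": "2", "event_data": {"SubjectUserName": "NETWORK SERVICE"}},
    {"_id": "3", "event_data": {"SubjectUserName": "SYSTEM"}},
    {"_id": "4", "event_data": {"SubjectUserName": "local"}},
]

def analyze(text):
    """Rough stand-in for the default analyzer: split into words, lowercase."""
    return [t.lower() for t in re.findall(r"[A-Za-z0-9]+", text)]

def get_field(doc, dotted):
    """Resolve a dotted path such as event_data.SubjectUserName."""
    for key in dotted.split("."):
        doc = doc.get(key, {}) if isinstance(doc, dict) else {}
    return doc if isinstance(doc, str) else ""

def run_match(query, docs, size=10):
    """Evaluate {"match": {field: text or {"query": text, "operator": op}}}."""
    (field, spec), = query["match"].items()
    if isinstance(spec, str):
        spec = {"query": spec}
    terms = set(analyze(spec["query"]))
    operator = spec.get("operator", "or").lower()  # "or" is the default
    hits = []
    for doc in docs:
        found = terms & set(analyze(get_field(doc, field)))
        matched = found == terms if operator == "and" else bool(found)
        if matched:
            hits.append((len(found), doc["_id"]))
    # Crude ranking stand-in: more matched terms first, then id.
    hits.sort(key=lambda h: (-h[0], h[1]))
    return [doc_id for _, doc_id in hits[:size]]  # top 10 by default

FIELD = "event_data.SubjectUserName"
default_or = {"match": {FIELD: "LOCAL SERVICE"}}
require_all = {"match": {FIELD: {"query": "LOCAL SERVICE", "operator": "and"}}}

if __name__ == "__main__":
    print("default (or):", run_match(default_or, DOCS))
    print("operator and:", run_match(require_all, DOCS))
```

With the default operator the NETWORK SERVICE and lowercase "local" documents are returned alongside the intended one; setting `"operator": "and"` in the query body narrows the result to documents containing both terms.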