Hope you are doing well.
The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested.
In case authentication fails MWG fills the property Authentication.FailureReason.ID. ID "3"
The attached ruleset is a log ruleset which will allow you to monitor for failed authentication attempts. The resulting log will be created and will be accessible under Troubleshooting > Log Files > badpassword.log.
You can import the ruleset under Policy > Rulesets > Log Handler (bottom left), then select the "Default" log handler, click "Add" > Ruleset From library, then "Import from File", and browse for the ruleset. Attached is the ruleset
Disable the rule once we have required data otherwise it may be one of the reasons for filling up your disk space.
Please refer below link for more information on this:-
The account name you create on MWG is used, when MWG sends Authentication request to AD servers, so for all requests you will see MWG name which is the computer name/account name configured on MWG when you configure windows domain membership.
It is the AD server which is locking out the user which may be due to invalid user credentials being sent.
The bad password log file contains the authentication failure events.
Was my reply helpful? If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!