From the SQL logging of NPS(802.1x) server(win2k8R), the packet type 3 tells that machine containing the mac address in past record did not get the access meaning the results only depends upon the sequence that is followed. However in concurrent access requests,
the sequenec is not guaranteed as well as showin in snap below.
How can one make report out of such illogical logs data ?
At the same time, event logged inside of NPS event viewer is quite descriptive. In the signle event everything is properly logged and recorded.
We need to develop reports like lsit of machines which got authentication failure in a whole day ? how can one do that ?
what use is such a log.
on the other hand, we can easily query event log of NPS, it would generate lot of extra load on NPS as well as complex XQuery might need be developed to query the event viewer i think.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.