Hello @azhar Nasim
Thank you for using Q & A forum.
This event ID will contain the source computer of the lockout.
Refer to the below link solution already provided.
Using PowerShell to Find the Source of Account Lockouts
- Open the Group Policy Management console. This can be from the domain controller or any computer that has the RSAT tools installed.
- Modify the Default Domain Controllers Policy
If this answers your query, do click
Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.