I need to be able to quickly report on, and identify AD/windows user account login failures...and to be able to find the source IP of the host locking the account out.
Might be overkill, but check out the Splunk App for Windows Infrastructure ( https://splunkbase.splunk.com/app/1680/ )
http://docs.splunk.com/Documentation/MSApp/1.1.3/Reference/ADAdministratorAudit
http://docs.splunk.com/Documentation/MSApp/1.1.3/Reference/FailedLogons