Troubleshooting Account Lockout (Technet)
Account Lockout and Management Tools
Account Lockout Status (LockoutStatus.exe)
SCOM Alerts & Audit Collection Services
You should be able to setup an event collection on the Security event log for that lockout and a few other events so that you get an alert. Here a just a few events that you could alert on to help monitor that account. Event ID 531 : Account disabled Event ID 532 : Account expired Event ID 535 : Password expired Event ID 539 : Logon Failure: Account locked out Event ID 644 : User account Locked out
These article have a pretty good list of other security event id’s that you can alert on as well.
I liked your way of presentation. The information you provided is great, Thank you for this, and hope in future you will come with more knowledgeable information.
Check this and finish this problem http://farisnt.blogspot.ae/2014/02/why-ad-user-account-locked-out.html