I'd like to see the ability to customize the logging. I have a mandatory redirect in place for all users of our systems. It adds more security, however, all the log is saying is redirect. I'd like to know which computer the address is redirecting to. I'm seeing several "incorrect password" attempts, and i'd like to know if it is an authorized user making these attempts. Also, if the username from the NT authorization could be captured, I would know if a users NT password would need updated.