SessionAuthentication
Defines values for the type of authentication used during a Remote Procedure Call (RPC) login to a server. This login occurs when you create a EventLogSession object that specifies a connection to a remote computer.
Default = 0
Use the default authentication method during RPC login. The default authentication is equivalent to Negotiate.
Kerberos = 2
Use Kerberos authentication during RPC login.
Negotiate = 1
Use the Negotiate authentication method during RPC login. This allows the client application to select the most appropriate authentication method (NTLM or Kerberos) for the situation.
Ntlm = 3
Use Windows NT LAN Manager (NTLM) authentication during RPC login.