Oops! The lab …

Currently browsing posts found in May 2007


FW: SECURITY_LOGON_TYPE enumeration [Security]

May 23rd, 2007 at 1:11 pm » Comments (739)

SECURITY_LOGON_TYPE enumeration [Security]

The SECURITY_LOGON_TYPE enumeration indicates the type of logon requested by a logon process.
 
typedef enum _SECURITY_LOGON_TYPE
{
    Interactive = 2,
    Network,
    Batch,
    Service,
    Proxy,
    Unlock,
    NetworkCleartext,
    NewCredentials,
    RemoteInteractive,
    CachedInteractive,
    CachedRemoteInteractive,
    CachedUnlock
}SECURITY_LOGON_TYPE, […]



FW: Security Events Logon Type Definitions

May 22nd, 2007 at 5:51 pm » Comments (66)

Taken from ntsecapi.h in the security subdirectory on the Win32 SDK CD. Used by a logon process to indicate what type of logon is being requested.
typedef enum _SECURITY_LOGON_TYPE
{
    Interactive = 2, // Interactively logged on (locally or remotely)
    Network = 3, […]



W2K and NT Security Event Log Descriptions

May 22nd, 2007 at 5:48 pm » Comments (917)

All successful logons are Event ID 528 entries in the security log, assuming auditing is turned on and you are auditing successful logons. Unsuccessful logons have various event IDs which categorize the type of logon failure. Event ID 528 entries list the:

user name
domain
logon id
logon type
logon process
authentication package
workstation name

The types of successful logons:



WindowsNT Admin Tips: EventLogs

May 22nd, 2007 at 5:46 pm » Comments (59)

http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTips/EventLogs/



FW: Security Event Descriptions

May 22nd, 2007 at 4:53 pm » Comments (51)

http://support.microsoft.com/kb/q174074/
   Event ID: 512
       Type: Success Audit
Description: Windows NT is starting up.
   Event ID: 513
       Type: Success Audit
Description: Windows NT is shutting down. All logon sessions will be
             terminated by this shutdown.
   Event ID: 514
       Type: Success Audit
Description: An authentication package has been loaded by the Local
             Security Authority. This authentication package will be
             used […]