GlobalProtect log stage and event
My customer was a Brute force attacked on last week. Today they see GlobalProtect log is from another country (we are in TH) and wonder is this abnormal activity or not.
and what is the meaning of "before-login" on stage column and "portal-prelogin"
...