# Fortinet FortiAnalyzer (syslog)
In this guide, you will configure syslog log forwarding for Fortinet FortiAnalyzer.
### Add the data connector in Radiant Security
1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, click **Settings** > **Data Connectors** and click **+ Add Connector**.
3. Search for and select the **Fortinet Fortigate** option and then click **Data Feeds**.
4. Under **Select your data feeds**, select the **Fortinet Fortigate v7** data feed and click **Credentials**.
5. Under **Credential Name**, give the credential an identifiable name (e.g. `Fortigate - Token`). If you already have a credential in place, select it from the drop-down menu. Click **Add Connector**.
6. In the **Connector tag** field, enter a random value. This value will act as the salt to randomize the unique **Token** you’ll download in the next step.
7. Click **Add Connector**.
8. Click **Done** to save your changes.
### Licenses
A FortiAnalyzer license is required to proceed with this integration. If you wish to onboard Fortinet Fortigate firewalls but don't have a FortiAnalyzer, refer to the Fortinet Fortigate (syslog) document.
### Configure a local Radiant Security Agent
{% hint style="info" %}
**Note:** When using FortiAnalyzer, the implementation of the Radiant Security Agent is mandatory.
{% endhint %}
Refer to the Install the [Radiant Security Agent](https://help.radiantsecurity.ai/radiant-connectors/data-connectors/install-the-radiant-security-agent) guide to set up a local agent to collect the logs.
### Configure log forwarding with FortiAnalyzer
1. Access the FortiAnalyzer Console, go to **System Settings > Log Forwarding**.
2. In the toolbar, click **Create** **New**.
3. On the new pane, configure the following settings:
1. If you're sending us the logs through a direct syslog connection
* **Name**: `RadiantSecurity_Connector`
* **Status**: ON
* **Server FQDN/IP**: Enter the IP address of the local syslog forwarder
* **Syslog Server Port**: `6514`
* **Reliable Connection**: ON
2. If you're sending us the logs through a Site Collector + Radiant Agent setup
* **Name**: `RadiantSecurity_Connector`
* **Status**: ON
* **Server FQDN/IP**: Enter the IP address of the VM where you installed the Radiant Agent.
* **Syslog Server Port**: `Port number configured on the Agent installer packag`
* **Reliable Connection**: ON
4. For both scenarios:
* (If available) **Remote Server Type:** Syslog
* (Optional) **Device Filters:** Select the Fortigate devices whose logs must be forwarded to Radiant Security
* If no devices are selected, logs from all Fortigate devices will be forwarded.
* **Log Filters**: ON
* **Log messages that match**: Any of the Following Conditions
* Add the following filters:
* **Log Type Equal To Traffic**
* **Log Type Equal To Event**
* **Log Type Equal To UTM**
5. Click **OK** to save your changes.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/fortinet-fortianalyzer-syslog.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
