# Fortinet FortiAnalyzer (syslog) In this guide, you will configure syslog log forwarding for Fortinet FortiAnalyzer. ### Add the data connector in Radiant Security 1. Log in to [Radiant Security](https://app.radiantsecurity.ai/). 2. From the navigation menu, click **Settings** > **Data Connectors** and click **+ Add Connector**. 3. Search for and select the **Fortinet Fortigate** option and then click **Data Feeds**. 4. Under **Select your data feeds**, select the **Fortinet Fortigate v7** data feed and click **Credentials**. 5. Under **Credential Name**, give the credential an identifiable name (e.g. `Fortigate - Token`). If you already have a credential in place, select it from the drop-down menu. Click **Add Connector**. 6. In the **Connector tag** field, enter a random value. This value will act as the salt to randomize the unique **Token** you’ll download in the next step. 7. Click **Add Connector**. 8. Click **Done** to save your changes. ### Licenses A FortiAnalyzer license is required to proceed with this integration. If you wish to onboard Fortinet Fortigate firewalls but don't have a FortiAnalyzer, refer to the Fortinet Fortigate (syslog) document. ### Configure a local Radiant Security Agent {% hint style="info" %} **Note:** When using FortiAnalyzer, the implementation of the Radiant Security Agent is mandatory. {% endhint %} Refer to the Install the [Radiant Security Agent](https://help.radiantsecurity.ai/radiant-connectors/data-connectors/install-the-radiant-security-agent) guide to set up a local agent to collect the logs. ### Configure log forwarding with FortiAnalyzer 1. Access the FortiAnalyzer Console, go to **System Settings > Log Forwarding**. 2. In the toolbar, click **Create** **New**. 3. On the new pane, configure the following settings: 1. If you're sending us the logs through a direct syslog connection * **Name**: `RadiantSecurity_Connector` * **Status**: ON * **Server FQDN/IP**: Enter the IP address of the local syslog forwarder * **Syslog Server Port**: `6514` * **Reliable Connection**: ON 2. If you're sending us the logs through a Site Collector + Radiant Agent setup * **Name**: `RadiantSecurity_Connector` * **Status**: ON * **Server FQDN/IP**: Enter the IP address of the VM where you installed the Radiant Agent. * **Syslog Server Port**: `Port number configured on the Agent installer packag` * **Reliable Connection**: ON 4. For both scenarios: * (If available) **Remote Server Type:** Syslog * (Optional) **Device Filters:** Select the Fortigate devices whose logs must be forwarded to Radiant Security * If no devices are selected, logs from all Fortigate devices will be forwarded. * **Log Filters**: ON * **Log messages that match**: Any of the Following Conditions * Add the following filters: * **Log Type Equal To Traffic** * **Log Type Equal To Event** * **Log Type Equal To UTM**
5. Click **OK** to save your changes.