FortiGate Next Generation Firewalls (NGFWs) deliver industry-leading enterprise security for any edge at any scale with full visibility and threat protection. Organizations can weave security deep into the hybrid IT architecture and build security-driven networks to achieve ultra-fast security, end to end.
FortiGate datacenter threat visualizations in Splunk help you identify anomalous behavior and de-duplicate threat feed data, so that analytics can be created and consolidated quickly. Splunk ingests and maps security and traffic data collected from FortiGate physical and virtual appliances across domains. Log fields from FortiGate appliances and interchanges can be mapped into a common format. In the Common Information Model, FortiGate data is typically mapped to the Firewall data model.
Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion:
Getting data in
| Source | Add-ons and Apps | Guidance |