The Fortinet FortiGate App for Splunk provides datacenter threat visualizations to identify anomalous behavior and helps de-duplicate threat feed data to enable the fast creation and consolidation of analytics. The app maps log fields from FortiGate appliances and converts them into a common format for the Splunk intelligence framework. It verifies current and historical logs, administrative events, basic firewall, unified threat management, anti-virus, IPS and application controls with Fortinet VDOM enabled. The integrated dashboard enables layered defense with network security and better application threat detection and management through rich data logs from Fortinet physical and virtual appliances. The Fortinet FortiGate App for Splunk supports logs from FortiOS 5.0/5.2/5.4. FortiOS 5.6 and later are supported beginning with version 1.5 of the Fortinet FortiGate Add-on for Splunk.