Syslog data is successful in the search app. Fortigate version is 5.2.10 and Splunk software is at default 514 syslog port. Something I'm missing here?
What index are you dropping your data into ? For ease of use direct your syslog traffic to and index named "fgt" and ensure the sourcetype specified in your UDP data inputs is " fgt_log" or the APP wont find the data .
