FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Article Id 195206
Once the log upload is configured on to FTP server, certain logs are seen with junk characters in them (such as date format) once you open the logs from the FTP server.

By default the log format is set to “native”. To view the logs in a visible format, change the log format to “text”.  Refer to the following screenshot to configure the log upload to FTP via GUI.


Once the configuration is done through the GUI, use the following commands to view the log-format:

# config system log settings
# config rolling-regular
# get
file-size           : 200
upload            : enable
when              : none
del-files          : disable
directory         : (null)
gzip-format      : disable
ip                   :
ip2                 :
ip3                 :
log-format       : native
password        : *
password2       : *
password3       : *
server-type     : ftp
upload-hour     : 0
upload-mode    : backup
upload-trigger   : on-roll
username        : (null)
username2      : (null)
username3      : (null)

Change the log-format to text format using the following command:

# config system log settings
# config rolling-regular
# set log-format text
# end
# end