If the destinations are showing on FGT as hostname & not FAZ, then you probably have the following setting on FGT (which only controls how info is displayed in the GUI):
config log gui-display
    set resolve-hosts enable
end
It is most accurate to do the DNS resolution before the logs are generated. That also ensures that neither FGT nor FAZ have to do any DNS resolution in the future (since it is recorded in the log).
Also, as recorded in the FortiAnalyzer Best Practices Guide, it is recommended not to perform DNS queries on the FortiAnalyzer if you wish to optimize report performance (see the section entitled "Report Performance").