Issue NETFLOW Fortigate

[NauGui]

Hello,

Im meeting an issue to receive NETFLOW from my FortiGate. I actually use elastiflow in container, I also collect flow from my Sophos (IPFIX) and it's work perfectly fine.

I can saw the flow with tcpdump on my server : tcpdump -A -i any dst port 2055 10:05:48.771344 IP 192.168.2.1. > cluster-elk.iop: UDP, length 1292 But it's seem that no data is processed receive by the container. The port on the container are open : robcowart/elastiflow-logstash:4.0.1.update.2 *:5046->5044/tcp, *:9601->9600/tcp, *:9701->9700/tcp, *:2055->2055/udp, *:4739->4739/udp

When I check the log from my container :

elk_log01-elastiflow.1.rkydc2hshlcd@manager    | [2021-01-05T08:51:30,850][INFO ][logstash.inputs.udp      ][elastiflow][6e586052011316bc65b9cca00dae45073855b1bed67152ed1f3256217efae6bb] UDP listener started {:address=>"0.0.0.0:2055", :receive_buffer_bytes=>"212992", :queue_size=>"4096"}
elk_log01-elastiflow.1.rkydc2hshlcd@manager    | [2021-01-05T08:51:30,851][INFO ][logstash.inputs.udp      ][elastiflow][bf287feb797eab93655996d18791739005772839a037e328e35ce74de40543a4] UDP listener started {:address=>"0.0.0.0:4739", :receive_buffer_bytes=>"212992", :queue_size=>"4096"}