Hi!
i’m looking for a “small” solution to collect Netwatch and Logs from about 20 Mikrotiks (Switches and Routers) with ROS7.
My start is a “Multi-Node Cluster with Docker Compose” in a VM which run Portainer.
See here: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-compose-file
The issue i have, is to add a Fleet/Fleet-Server. I tried to add a new compose/stack with dedicated Fleet-Server or expand the Compose file from the Example within a Fleet Server.
But i have no success, if the containers are start, the fleet server didn’t connect.
As my understanding the Fleet-Server is the successor of Logstash?
https://help.mikrotik.com/docs/spaces/ROS/pages/282132674/NetFlow+analysis+with+Elasticsearch
Have anyone a compose file or some hints how to get it up?
If the Containers are not recommended, i can also switch to a “native” installation… (tried already, but also fleetserver didn’t connect)
I did some tests with ntop - but ntop need nProbe, i didn’t this combo also not up and running…
Best Regards!
YAN