Hello @maniel, I looked at the pcap you provided, and it looks like you are collecting 6 additional elements that are specific to 11256 (Stormshield), and these element definitions need to be defined in a json file and provided when adding the input.
An example of how this file should be formatted can be found in the documentation: https://docs.graylog.org/en/3.2/pages/integrations/inputs/ipfix_input.html
Please create this file and provide it to the input in the IPFIX field definition option.
Thanks!