diff --git a/.gitignore b/.gitignore
index 13c0ba149b575..b0d5249dd325f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,9 @@
 # build files
 artifacts/
 
+.java
+.m2
+
 # intellij files
 .idea/
 *.iml
diff --git a/ecs/generate.sh b/ecs/generate.sh
index 14c691d517cf8..c819c72a8ca76 100755
--- a/ecs/generate.sh
+++ b/ecs/generate.sh
@@ -27,6 +27,7 @@ generate_mappings() {
     --subset "$IN_FILES_DIR/subset.yml" \
     --template-settings "$IN_FILES_DIR/template-settings.json" \
     --template-settings-legacy "$IN_FILES_DIR/template-settings-legacy.json" \
+    --mapping-settings "$IN_FILES_DIR/mapping-settings.json" \
     --out "$OUT_DIR" || exit 1
 
   # Replace "match_only_text" type (not supported by OpenSearch) with "text"
diff --git a/ecs/vulnerability-detector/event-generator/event_generator.py b/ecs/vulnerability-detector/event-generator/event_generator.py
index 0b8c71ec5295b..7fc69fb5ea732 100755
--- a/ecs/vulnerability-detector/event-generator/event_generator.py
+++ b/ecs/vulnerability-detector/event-generator/event_generator.py
@@ -163,7 +163,7 @@ def generate_random_vulnerability():
             'temporal': round(random.uniform(0, 10), 1),
             'version': round(random.uniform(0, 10), 1)
         },
-        'severity': random.choice(['low', 'medium', 'high', 'critical'])
+        'severity': random.choice(['Low', 'Medium', 'High', 'Critical'])
     }
     return vulnerability
 
@@ -171,7 +171,8 @@ def generate_random_vulnerability():
 def generate_random_wazuh():
     wazuh = {
         'cluster': {
-            'name': f'wazuh-cluster-{random.randint(0,10)}'
+            'name': f'wazuh-cluster-{random.randint(0,10)}',
+            'node': f'wazuh-cluster-node-{random.randint(0,10)}'
         }
     }
     return wazuh
@@ -186,7 +187,7 @@ def generate_random_data(number):
             'ecs': {'version': '1.7.0'},
             # 'event': generate_random_event(),
             'host': generate_random_host(),
-            'labels': generate_random_labels(),
+            # 'labels': generate_random_labels(),
             'message': f'message{random.randint(0, 99999)}',
             'package': generate_random_package(),
             'tags': generate_random_tags(),
diff --git a/ecs/vulnerability-detector/fields/custom/wazuh.yml b/ecs/vulnerability-detector/fields/custom/wazuh.yml
index 6975a19690e6b..4f8b0c6f21173 100644
--- a/ecs/vulnerability-detector/fields/custom/wazuh.yml
+++ b/ecs/vulnerability-detector/fields/custom/wazuh.yml
@@ -8,4 +8,9 @@
       type: keyword
       level: custom
       description: >
-        Wazuh cluster name.
\ No newline at end of file
+        Wazuh cluster name.
+    - name: cluster.node
+      type: keyword
+      level: custom
+      description: >
+        Wazuh cluster node name.
\ No newline at end of file
diff --git a/ecs/vulnerability-detector/fields/mapping-settings.json b/ecs/vulnerability-detector/fields/mapping-settings.json
new file mode 100644
index 0000000000000..0ad2b48fcc1be
--- /dev/null
+++ b/ecs/vulnerability-detector/fields/mapping-settings.json
@@ -0,0 +1,4 @@
+{
+    "dynamic": "strict",
+    "date_detection": false
+}
\ No newline at end of file
diff --git a/ecs/vulnerability-detector/fields/subset.yml b/ecs/vulnerability-detector/fields/subset.yml
index bf1b579fde563..75e9d0b92686c 100644
--- a/ecs/vulnerability-detector/fields/subset.yml
+++ b/ecs/vulnerability-detector/fields/subset.yml
@@ -2,7 +2,10 @@
 name: vulnerability_detector
 fields:
   base:
-    fields: "*"
+    fields: 
+      "@timestamp": {}
+      tags: []
+      message: ""
   agent:
     fields: "*"
   ecs: