diff --git a/ecs/states-fim/fields/custom/agent.yml b/ecs/states-fim/fields/custom/agent.yml
new file mode 100644
index 0000000000000..17b6f7324d830
--- /dev/null
+++ b/ecs/states-fim/fields/custom/agent.yml
@@ -0,0 +1,12 @@
+---
+- name: agent
+  title: Wazuh Agents
+  short: Wazuh Inc. custom fields.
+  type: group
+  group: 2
+  fields:
+    - name: groups
+      type: keyword
+      level: custom
+      description: >
+        The groups the agent belongs to.
\ No newline at end of file
diff --git a/ecs/states-fim/fields/mapping-settings.json b/ecs/states-fim/fields/mapping-settings.json
new file mode 100644
index 0000000000000..0ad2b48fcc1be
--- /dev/null
+++ b/ecs/states-fim/fields/mapping-settings.json
@@ -0,0 +1,4 @@
+{
+  "dynamic": "strict",
+  "date_detection": false
+}
\ No newline at end of file
diff --git a/ecs/states-fim/fields/subset.yml b/ecs/states-fim/fields/subset.yml
new file mode 100644
index 0000000000000..00be04f87e645
--- /dev/null
+++ b/ecs/states-fim/fields/subset.yml
@@ -0,0 +1,36 @@
+---
+name: wazuh-states-fim
+fields:
+  base:
+    fields:
+      tags: []
+  agent:
+    fields:
+      id: {}
+      groups: {}
+  file:
+    fields:
+      attributes: {}
+      name: {}
+      path: {}
+      gid: {}
+      group: {}
+      inode: {}
+      hash:
+        fields:
+          md5: {}
+          sha1: {}
+          sha256: {}
+      mtime: {}
+      mode: {}
+      size: {}
+      target_path: {}
+      type: {}
+      uid: {}
+      owner: {}
+  registry:
+    fields:
+      key: {}
+      value: {}
+
+
diff --git a/ecs/states-fim/fields/template-settings-legacy.json b/ecs/states-fim/fields/template-settings-legacy.json
new file mode 100644
index 0000000000000..91c05d65c44cf
--- /dev/null
+++ b/ecs/states-fim/fields/template-settings-legacy.json
@@ -0,0 +1,21 @@
+{
+  "index_patterns": ["wazuh-states-fim*"],
+  "order": 1,
+  "settings": {
+    "index": {
+      "number_of_shards": "1",
+      "number_of_replicas": "0",
+      "refresh_interval": "5s",
+      "query.default_field": [
+        "agent.id",
+        "agent.groups",
+        "file.name",
+        "file.path",
+        "file.target_path",
+        "file.group",
+        "file.uid",
+        "file.gid"
+      ]
+    }
+  }
+}
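Review bot: The `groups` field under `- name: agent` is described as "The groups the agent belongs to." (a multi-valued field) but is declared only as `type: keyword`; in the ECS schema format the usual way to record that is a `normalize:` attribute with `- array` under `level: custom`, if this generator honors it, so the generated docs and mapping advertise the array shape. The file also ends without a trailing newline (`\ No newline at end of file`), which yamllint's `new-line-at-end-of-file` rule flags; end the file after `The groups the agent belongs to.` with a single newline. Since `description: >` uses clip chomping, the folded value keeps one trailing newline, which is harmless here but worth knowing if the text is ever rendered verbatim.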
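Review bot: The two empty `+` lines after `value: {}` in subset.yml are trailing blank lines that yamllint's `empty-lines` rule flags; the file should end immediately after `      value: {}` with one newline. Because the sibling mapping-settings.json in this commit sets `"dynamic": "strict"`, this subset is effectively the allow-list for the index: any FIM state document carrying a field not enumerated here is rejected at index time rather than mapped dynamically, so the list should be checked against every field the FIM state producer emits before this lands. In particular `base` selects only `tags`; if the documents also carry `@timestamp`, it has to be listed here too or those documents will be rejected.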
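Review bot: `query.default_field` covers `file.name`, `file.path`, `file.target_path`, `file.group`, `file.uid` and `file.gid` but none of `file.hash.md5`, `file.hash.sha1` or `file.hash.sha256`, even though subset.yml in this commit maps all three; an unqualified search for a known hash value, the most common FIM lookup, will therefore match nothing unless the user prefixes the field name, so the three hash fields should be added to the array. The same array is duplicated verbatim in template-settings.json (the next hunk), so both copies need the addition and will drift unless kept in sync. `"number_of_replicas": "0"` leaves the state index with no redundancy, meaning the loss of the single primary shard loses the FIM state; confirm that is intended for this index rather than a development default.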
diff --git a/ecs/states-fim/fields/template-settings.json b/ecs/states-fim/fields/template-settings.json
new file mode 100644
index 0000000000000..4ecb7b7d3831c
--- /dev/null
+++ b/ecs/states-fim/fields/template-settings.json
@@ -0,0 +1,23 @@
+{
+  "index_patterns": ["wazuh-states-fim*"],
+  "priority": 1,
+  "template": {
+    "settings": {
+      "index": {
+        "number_of_shards": "1",
+        "number_of_replicas": "0",
+        "refresh_interval": "5s",
+        "query.default_field": [
+          "agent.id",
+          "agent.groups",
+          "file.name",
+          "file.path",
+          "file.target_path",
+          "file.group",
+          "file.uid",
+          "file.gid"
+        ]
+      }
+    }
+  }
+}
diff --git a/ecs/states-vulnerabilities/fields/subset.yml b/ecs/states-vulnerabilities/fields/subset.yml
index 9bde745b8f715..6b616dfb624d0 100644
--- a/ecs/states-vulnerabilities/fields/subset.yml
+++ b/ecs/states-vulnerabilities/fields/subset.yml
@@ -1,5 +1,5 @@
 ---
-name: wazuh-inventory-vulnerabilities
+name: wazuh-states-vulnerabilities
 fields:
   base:
     fields: