diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
index 06af6322..5387bf8c 100644
--- a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
+++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
@@ -162,6 +162,7 @@
 "data.dstip",
 "data.dstport",
 "data.dstuser",
+ "data.extra_data",
 "data.hardware.serial",
 "data.id",
 "data.integration",
@@ -943,6 +944,9 @@
 "data": {
 "type": "keyword"
 },
+ "extra_data": {
+ "type": "keyword"
+ },
 "system_name": {
 "type": "keyword"
 },
@@ -1673,4 +1677,4 @@
 }
 },
 "version": 1
-}
+}
\ No newline at end of file
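Review bot: The new `extra_data` mapping in the second hunk (`@@ -943,6 +944,9 @@`) is a bare `keyword` with no length bound, although the field name suggests free-form content. Elasticsearch rejects a document whose keyword term exceeds Lucene's 32766-byte limit, so a single oversized value could keep the whole alert out of the index unless a bound is applied elsewhere in the template, which is not visible here. Consider `"extra_data": { "type": "keyword", "ignore_above": <limit> }` with a limit chosen for this field; longer values then stay in `_source` and the alert is still stored. The `"data.extra_data"` entry added in the first hunk sits in a list that starts and ends outside the hunk; if that list is the default query field list, a keyword field matches only on its exact full value, so confirm that is the intended search behaviour.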