From 494372b41cf128f52a69c4644b47ad36226c4538 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81lex=20Ruiz?= <alejandro.ruiz.becerra@wazuh.com>
Date: Wed, 8 Jan 2025 13:38:47 +0100
Subject: [PATCH] Test workflow

---
 ecs/states-vulnerabilities/fields/custom/vulnerability.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ecs/states-vulnerabilities/fields/custom/vulnerability.yml b/ecs/states-vulnerabilities/fields/custom/vulnerability.yml
index ebc9d6be7cc65..8664f0179ea45 100644
--- a/ecs/states-vulnerabilities/fields/custom/vulnerability.yml
+++ b/ecs/states-vulnerabilities/fields/custom/vulnerability.yml
@@ -27,3 +27,8 @@
       level: custom
       description: >
         The origin of the decision of the scanner (AKA feed used to detect the vulnerability).
+    - name: condition
+      type: keyword
+      level: custom
+      description: >
+        The condition used to consider the package sa vulnerable (installed version is lower or equal than a vulnerable version).