Update lnx_system_info_discovery.yml

rules/linux/lnx_system_info_discovery.yml

@@ -17,7 +17,19 @@ detection:
           - 'hostname'
           - '/etc/issue'
           - 'uptime'
-    condition: selection
+          - 'lspci'
+          - 'dmidecode'
+          - 'lscpu'
+          - 'lsmod'
+    selection2:
+      type: 'PATH'
+      name:
+          - '/sys/class/dmi/id/bios_version'
+          - '/sys/class/dmi/id/product_name'
+          - '/sys/class/dmi/id/chassis_vendor'
+          - '/proc/scsi/scsi'
+          - '/proc/ide/hd0/model'
+    condition: selection or selection2
 falsepositives:
     - Legitimate administration activities
 level: low