From 68e843f0d37b14f8607f910ca6ca77620ff7f3ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?=
Date: Fri, 16 Oct 2020 10:48:36 +0300
Subject: [PATCH] Update lnx_system_info_discovery.yml
---
 rules/linux/lnx_system_info_discovery.yml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/rules/linux/lnx_system_info_discovery.yml b/rules/linux/lnx_system_info_discovery.yml
index 69be33b13..2768bb6c4 100644
--- a/rules/linux/lnx_system_info_discovery.yml
+++ b/rules/linux/lnx_system_info_discovery.yml
@@ -17,7 +17,19 @@ detection:
 - 'hostname'
 - '/etc/issue'
 - 'uptime'
- condition: selection
+ - 'lspci'
+ - 'dmidecode'
+ - 'lscpu'
+ - 'lsmod'
+ selection2:
+ type: 'PATH'
+ name:
+ - '/sys/class/dmi/id/bios_version'
+ - '/sys/class/dmi/id/product_name'
+ - '/sys/class/dmi/id/chassis_vendor'
+ - '/proc/scsi/scsi'
+ - '/proc/ide/hd0/model'
+ condition: selection or selection2
 falsepositives:
 - Legitimate administration activities
 level: low
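Review bot: The new `selection2` block matches `type: 'PATH'` records for the DMI and `/proc` files, but nothing in the hunk states that such records are only logged when the audit configuration covers access to those paths (this presumes the rule's logsource is auditd, which is declared outside the hunk). Without that coverage the second selection never fires and the rule gives a false sense of visibility, so I would document the prerequisite directly above it, e.g. `# selection2 requires audit rules that record read access to the listed /sys and /proc paths`. The `falsepositives` list is left unchanged although the added commands and files are, as far as I know, also touched by hardware-inventory and monitoring agents; an entry such as `- Hardware inventory, monitoring or configuration-management agents` would help triage. The pre-existing `'/etc/issue'` entry is a file path sitting among command names and may belong in the new PATH list, though the field that first list matches is outside the hunk.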