diff --git a/rules/linux/lnx_process_discovery.yml b/rules/linux/lnx_process_discovery.yml
index 5ca621ead..a6bf0eec1 100644
--- a/rules/linux/lnx_process_discovery.yml
+++ b/rules/linux/lnx_process_discovery.yml
@@ -10,7 +10,7 @@ logsource:
 product: linux
 detection:
 selection:
-- CommandLine|contains:
+- ProcessName|contains:
 - 'ps '
 - 'top'
 condition: selection
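Review bot: The two values under the renamed key were carried over unchanged and no longer fit the field: `'ps '` keeps its trailing space, which a process name or executable path such as `/usr/bin/ps` never contains, so that entry can never match, while `'top'` with `contains` on a process name also fires on any binary whose path contains that substring (htop, desktop directories, and similar). If ProcessName holds the executable path — inferred from the field name, confirm against the logsource — match on the name boundary instead: `- ProcessName|endswith:` followed by `- '/ps'` and `- '/top'`. The hunk arrived with its indentation collapsed, so whether the value list is nested under the new key cannot be verified from this view. The rule header (title, id, status, description) lies outside the hunk and should state that the rule now keys on the executable rather than the command line.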