diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index bdc1a01f..cf2fc0c6 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -543,7 +543,8 @@
 condition: (proc.name=htpasswd and fd.name=/etc/nginx/.htpasswd)

 - macro: dmeventd_writing_lvm_archive
- condition: (proc.name=dmeventd and fd.name startswith /etc/lvm/archive/)
+ condition: (proc.name=dmeventd and (fd.name startswith /etc/lvm/archive or
+ fd.name startswith /etc/lvm/backup))

 ###############
 # General Rules
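Review bot: The new condition drops the trailing slash that the old `/etc/lvm/archive/` prefix had, so `startswith /etc/lvm/archive` and `startswith /etc/lvm/backup` also match sibling paths such as a file named `/etc/lvm/backup.conf` or a directory `/etc/lvm/archive_old/`, not only the two LVM directories. This macro is presumably consumed as an exception by a write-below-/etc rule defined outside this hunk, so a wider prefix means writes by anything named dmeventd outside those directories would also go unreported. Keeping the directory boundary closes that gap: `fd.name startswith /etc/lvm/archive/ or fd.name startswith /etc/lvm/backup/`. Since the macro now covers the backup directory as well, a one-line comment above it such as `# dmeventd writes LVM metadata archives and backups under /etc/lvm` would stop the name `dmeventd_writing_lvm_archive` from misleading later readers.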