diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index 75a33f15..2e58e904 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -744,7 +744,7 @@
 - macro: ms_oms_writing_conf
 condition: >
- ((proc.name in (omiagent,omsagent,in_heartbeat_r*,omsadmin.sh,PerformInventor)
+ ((proc.name in (omiagent,omsagent,in_heartbeat_r*,omsadmin.sh,PerformInventor,dsc_host)
 or proc.pname in (ms_oms_binaries)
 or proc.aname[2] in (ms_oms_binaries))
 and (fd.name startswith /etc/opt/omi or fd.name startswith /etc/opt/microsoft/omsagent))
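Review bot: The new `dsc_host` entry in `ms_oms_writing_conf` is matched on `proc.name` only, so the exemption for writes below `/etc/opt/omi` and `/etc/opt/microsoft/omsagent` applies to any process that carries that name, not only the agent's own binary. The neighbouring clauses already tie the exemption to `ms_oms_binaries` through `proc.pname` and `proc.aname[2]`; if dsc_host is not reliably covered by those, the entry would be tighter as its own clause with an executable-path check, e.g. `or (proc.name=dsc_host and proc.exepath startswith <OMS_INSTALL_PREFIX>)` (placeholder path; assumes the deployed Falco version exposes `proc.exepath`). A short comment above the macro, such as `# dsc_host: <what it is and why it writes here>`, would also let later reviewers judge whether the exception is still needed.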