diff --git a/detection/execution/exotic-command-events-linux.sql b/detection/execution/exotic-command-events-linux.sql
index 9b941c4..3ff2d55 100644
--- a/detection/execution/exotic-command-events-linux.sql
+++ b/detection/execution/exotic-command-events-linux.sql
@@ -159,4 +159,4 @@ WHERE
 AND NOT cmd LIKE 'dirname %history'
 AND NOT cmd LIKE 'tail /%history'
 AND NOT cmd LIKE 'find . -executable -type f -name %grep -l GNU Libtool%touch -r%'
- AND NOT basename IN ('cc1')
+ AND NOT basename IN ('cc1', 'compile')
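Review bot: The new `'compile'` entry in `basename IN ('cc1', 'compile')` suppresses on the process name alone, so every process called `compile` is dropped from this detection whatever its path or parent, and the name is generic enough to collide with unrelated binaries. Consider scoping the exclusion to the invocation that actually produced the noise, e.g. `AND NOT (basename = 'compile' AND cmd LIKE '<observed benign command prefix>%')` (placeholder pattern, to be filled in from the false positive), or to a path or parent column if the query selects one. A short comment naming the tool that spawns `compile` would also help later reviewers judge whether the exception is still needed. The WHERE clause begins above this hunk, so the columns available for narrowing are not visible here.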