Merge pull request #1245 from ehudk-msft/patch-2

Update Threat Intel Matches to GitHub Audit Logs.yaml

Detections/GitHub/Threat Intel Matches to GitHub Audit Logs.yaml

@@ -32,7 +32,7 @@ query: |
     | where TimeGenerated >= ago(24h)
     | extend GitHubAudit_TimeGenerated = TimeGenerated
   )
-  on on $left.TI_ipEntity == $right.IPaddress
+  on $left.TI_ipEntity == $right.IPaddress
   | summarize LatestIndicatorTime = arg_max(TimeGenerated, *) by IndicatorId
   | project LatestIndicatorTime, Description, ActivityGroupNames, IndicatorId, ThreatType, Url, ExpirationDateTime, ConfidenceScore, GitHubAudit_TimeGenerated, TI_ipEntity, IPaddress, Actor, Action, Country, OperationType, NetworkIP, NetworkDestinationIP, NetworkSourceIP, EmailSourceIpAddress
   | extend timestamp = GitHubAudit_TimeGenerated, IPCustomEntity = IPaddress, AccountCustomEntity = Actor