Update ProcessEntropy.yaml

Hunting Queries/SecurityEvent/ProcessEntropy.yaml

@@ -120,8 +120,10 @@ query: |
   SecEvents
   | project TimeGenerated, EventID, Computer, SubjectUserSid, Account, AccountType, Process, NewProcessName, CommandLine, ParentProcessName, _ResourceId, SourceComputerId 
   ) on Computer, Process 
-  | project TimeGenerated, EventID, Computer, SubjectUserSid, Account, AccountType, Weight, ProcessEntropy,  
-  Process, NewProcessName, CommandLine, ParentProcessName, AllHostsProcessCount, ProcessCountOnHost, DistinctHostsProcessCount, _ResourceId, SourceComputerId 
+  | summarize StartTime = min(TimeGenerated), EndTime = max(TimeGenerated), ResultCount = count() by EventID, Computer, SubjectUserSid, Account, AccountType, Weight, ProcessEntropy,  
+  Process, NewProcessName, CommandLine, ParentProcessName, AllHostsProcessCount, ProcessCountOnHost, DistinctHostsProcessCount, _ResourceId, SourceComputerId
+  | project-reorder StartTime, EndTime, ResultCount, EventID, Computer, SubjectUserSid, Account, AccountType, Weight, ProcessEntropy,  
+  Process, NewProcessName, CommandLine, ParentProcessName, AllHostsProcessCount, ProcessCountOnHost, DistinctHostsProcessCount, _ResourceId, SourceComputerId
   | sort by Weight asc, ProcessEntropy asc, NewProcessName asc 
   | extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = Account