Update ADOVariableCreatedDeleted.yaml

Mapping correct fields for entity

Hunting Queries/AzureDevOpsAuditing/ADOVariableCreatedDeleted.yaml

@@ -26,7 +26,7 @@ query: |
   | extend VariablesRemoved = set_difference(bag_keys(variables), bag_keys(variables1)) 
   | project-rename TimeCreated=TimeGenerated, TimeDeleted = TimeGenerated1, CreatingUser = ActorUPN, DeletingUser = ActorUPN1, CreatingIP = IpAddress, DeletingIP = IpAddress1, CreatingUA = UserAgent, DeletingUA = UserAgent1
   | project-reorder VariableGroupName, TimeCreated, TimeDeleted, VariablesRemoved, CreatingUser, CreatingIP, CreatingUA, DeletingUser, DeletingIP, DeletingUA
-  | extend timestamp = TimeGenerated, AccountCustomEntity = ActorUPN, IPCustomEntity = IpAddress
+  | extend timestamp = TimeDeleted, AccountCustomEntity = DeletingUser, IPCustomEntity = DeletingIP
 entityMappings:
   - entityType: Account
     fieldMappings:
@@ -35,4 +35,4 @@ entityMappings:
   - entityType: IP
     fieldMappings:
       - identifier: Address
-        columnName: IPCustomEntity
+        columnName: IPCustomEntity