Update Sign-in Burst from Multiple Locations.yaml

Fixing first line in query to resolve yaml file validation issue, then will see if this resolves KQL validation issue, also adding in required timestamp entity mapping field.

Detections/SigninLogs/Sign-in Burst from Multiple Locations.yaml

@@ -16,6 +16,7 @@ tactics:
 relevantTechniques:
   - T1110
 query: |
+  
   let RunTime = 1h;
   SigninLogs
   | where TimeGenerated > ago(RunTime)
@@ -23,4 +24,4 @@ query: |
   | where ResultType == 0
   | summarize CountOfLocations = dcount(Location), Locations = make_set(Location), BurstStartTime = min(TimeGenerated), BurstEndTime = max(TimeGenerated) by UserPrincipalName
   | where CountOfLocations > 1
-  | extend AccountCustomEntity = UserPrincipalName
+  | extend timestamp = BurstStartTime, AccountCustomEntity = UserPrincipalName