Update OperationNameValue comparison operator

The OperationNameValue is sometimes mixed lower and uppercase. The lower case value drastically limits the number of results and overlooks the mixed case values of "Microsoft.Storage/storageAccounts/listKeys/action". Using the =~ operator accommodates the mixed case values.
2022-05-04 09:39:20 -04:00 · 2022-05-04 09:39:20 -04:00 · f0540ea901
--- a/Queries/AzureActivity/Anomalous_Listing_Of_Storage_Keys.yaml
+++ b/Queries/AzureActivity/Anomalous_Listing_Of_Storage_Keys.yaml
@ -20,11 +20,11 @@ relevantTechniques:
 query: |

  AzureActivity
-  | where OperationNameValue == "microsoft.storage/storageaccounts/listkeys/action"
+  | where OperationNameValue =~ "microsoft.storage/storageaccounts/listkeys/action"
  | where ActivityStatusValue == "Succeeded" 
  | join kind= inner (
      AzureActivity
-      | where OperationNameValue == "microsoft.storage/storageaccounts/listkeys/action"
+      | where OperationNameValue =~ "microsoft.storage/storageaccounts/listkeys/action"
      | where ActivityStatusValue == "Succeeded" 
      | project ExpectedIpAddress=CallerIpAddress, Caller 
      | evaluate autocluster()