Update rules/cross-platform/multiple_alerts_from_different_modules_by_dstip.toml

Co-authored-by: Jonhnathan <[email protected]>

Author: Samirbous

rules/cross-platform/multiple_alerts_from_different_modules_by_dstip.toml

@@ -23,7 +23,7 @@ timestamp_override = "event.ingested"
 type = "esql"
 
 query = '''
-from .alerts-security.*  metadata _id
+from .alerts-security.*
 
 // any alerts excluding low severity, threat_match and machine_learning rules 
 | where kibana.alert.rule.name is not null and destination.ip is not null and kibana.alert.risk_score > 21 and not kibana.alert.rule.type in ("threat_match", "machine_learning")