Update rules/cross-platform/multiple_alerts_from_different_modules_by_user.toml

Co-authored-by: Jonhnathan <[email protected]>

Author: Samirbous

rules/cross-platform/multiple_alerts_from_different_modules_by_user.toml

@@ -23,7 +23,7 @@ timestamp_override = "event.ingested"
 type = "esql"
 
 query = '''
-from .alerts-security.*  metadata _id
+from .alerts-security.*
 
 // any alerts excluding low severity and the noisy ones
 | where kibana.alert.rule.name is not null and user.name is not null and kibana.alert.risk_score > 21 and