udpating name

Author: patel-bhavin

detections/application/cisco_ai_defense_security_alerts.yml renamed to detections/application/cisco_ai_defense_security_alerts_by_application_name.yml

@@ -36,7 +36,7 @@ search: |-
         severity="low", 25
     )
     | table model.model_name, user_id, event_action, application_id, application_name, severity, risk_score, policy_name, connection_name, guardrail_ruleset_type, guardrail_entity_name 
-    |`cisco_ai_defense_security_alerts_filter`'
+    |`cisco_ai_defense_security_alerts_by_application_name_filter`'
 how_to_implement: To enable this detection, you need to ingest alerts from the Cisco AI Defense product. This can be done by using this app from splunkbase - Cisco Security Cloud and ingest alerts into the cisco:ai:defense sourcetype.
 known_false_positives: False positives may vary based on Cisco AI Defense configuration; monitor and filter out the alerts that are not relevant to your environment.
 references:
@@ -52,7 +52,7 @@ drilldown_searches:
   earliest_offset: $info_min_time$
   latest_offset: $info_max_time$
 rba:
-  message: Cisco AI Defense Security Alert has been detected for the application name - [$application_name$]
+  message: Cisco AI Defense Security Alert has been action - [$event_action$] for the application name - [$application_name$]
   risk_objects:
   - field: application_name
     type: other