RDP rules need to be updated to switch from SecurityEvent table to Defender tables such as DeviceLogonEvents table

[AmudaPalani]

Describe the bug
This rule https://github.com/Azure/Azure-Sentinel/blob/master/Detections/SecurityEvent/RDP_Nesting.yaml is no longer valid because this event id logs are sent to DeviceLogonEvents table instead of SecurityEvent table. But this rule is yet to be updated. Please update this rule?

[v-kasghosh]

Hello @AmudaPalani , thanks for flagging this. We will look into it and get back to you. Thanks!