Update okta_new_behaviours_admin_console.yml

rules/cloud/okta/okta_new_behaviours_admin_console.yml

@@ -15,13 +15,13 @@ logsource:
     product: okta
     service: okta
 detection:
-    selection:
+    selection_event:
         eventtype: 'policy.evaluate_sign_on'
         target.displayname: 'Okta Admin Console'
-    positive:
+    selection_positive:
         - debugcontext.debugdata.behaviors|contains: 'POSITIVE'
         - debugcontext.debugdata.logonlysecuritydata|contains: 'POSITIVE'
-    condition: selection and positive
+    condition: all of selection_*
 falsepositives:
     - When an admin begins using the Admin Console and one of Okta's heuristics incorrectly identifies the behavior as being unusual.
 level: high