I was running some powershell script and getting events with powershell_events query, however results are split in multiple events and each events do not have basic information like , last IP, computername etc , is there a way to combine few events in single events and then run the rule ?

From the rule section, you can create rules based on host_identifier For adding other system constraints you need to construct your query by adding information from other tables Eg:

select powershell_events.*,system_info.computer_name from powershell_events,system_info;

and then you can apply rules on these additional attributes