Format/Sysmon.Rule.Filter.ps1xml

<?xml version="1.0" encoding="utf-16"?>
<Configuration>
<ViewDefinitions>
<View>
    <Name>Sysmon.Rule.Filter</Name>
    <ViewSelectedBy>
        <TypeName>Sysmon.Rule.Filter</TypeName>
    </ViewSelectedBy>
    <TableControl>
        <TableHeaders>
          <TableColumnHeader>
            <Width>12</Width>
          </TableColumnHeader>
          <TableColumnHeader>
            <Width>12</Width>
          </TableColumnHeader>
          <TableColumnHeader>
            <Width>50</Width>
          </TableColumnHeader>
        </TableHeaders>
        <TableRowEntries>
          <TableRowEntry>
            <TableColumnItems>
              <TableColumnItem>
               <PropertyName>EventField</PropertyName>
              </TableColumnItem>
              <TableColumnItem>
               <PropertyName>Condition</PropertyName>
              </TableColumnItem>
              <TableColumnItem>
                <PropertyName>Value</PropertyName>
              </TableColumnItem>
            </TableColumnItems>
          </TableRowEntry>
        </TableRowEntries>
      </TableControl>
</View>
</ViewDefinitions>
</Configuration>