Format/Sysmon.Rule.Filter.ps1xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
<?xml version="1.0" encoding="utf-16"?>
<Configuration>
<ViewDefinitions>
<View>
    <Name>Sysmon.Rule.Filter</Name>
    <ViewSelectedBy>
        <TypeName>Sysmon.Rule.Filter</TypeName>
    </ViewSelectedBy>
    <TableControl>
        <TableHeaders>
          <TableColumnHeader>
            <Width>12</Width>
          </TableColumnHeader>
          <TableColumnHeader>
            <Width>12</Width>
          </TableColumnHeader>
          <TableColumnHeader>
            <Width>50</Width>
          </TableColumnHeader>
        </TableHeaders>
        <TableRowEntries>
          <TableRowEntry>
            <TableColumnItems>
              <TableColumnItem>
               <PropertyName>EventField</PropertyName>
              </TableColumnItem>
              <TableColumnItem>
               <PropertyName>Condition</PropertyName>
              </TableColumnItem>
              <TableColumnItem>
                <PropertyName>Value</PropertyName>
              </TableColumnItem>
            </TableColumnItems>
          </TableRowEntry>
        </TableRowEntries>
      </TableControl>
</View>
</ViewDefinitions>
</Configuration>