Format/Sysmon.Rule.Filter.ps1xml
|
<?xml version="1.0" encoding="utf-16"?>
<Configuration> <ViewDefinitions> <View> <Name>Sysmon.Rule.Filter</Name> <ViewSelectedBy> <TypeName>Sysmon.Rule.Filter</TypeName> </ViewSelectedBy> <TableControl> <TableHeaders> <TableColumnHeader> <Width>12</Width> </TableColumnHeader> <TableColumnHeader> <Width>12</Width> </TableColumnHeader> <TableColumnHeader> <Width>50</Width> </TableColumnHeader> </TableHeaders> <TableRowEntries> <TableRowEntry> <TableColumnItems> <TableColumnItem> <PropertyName>EventField</PropertyName> </TableColumnItem> <TableColumnItem> <PropertyName>Condition</PropertyName> </TableColumnItem> <TableColumnItem> <PropertyName>Value</PropertyName> </TableColumnItem> </TableColumnItems> </TableRowEntry> </TableRowEntries> </TableControl> </View> </ViewDefinitions> </Configuration> |