Powershell : filterXpath samples

Event ID 4768 : Kerberos TGT not AES

$xpath_4768_NotAES = "*[System[EventID=4768]] and *[EventData[(Data[@Name='TicketEncryptionType'] !='0x12' and Data[@Name='TicketEncryptionType'] !='0x11')]]"

Event ID 4769 : Kerberos TGS not AES

$xpath_4769_NotAES = "*[System[EventID=4769]] and *[EventData[(Data[@Name='TicketEncryptionType'] !='0x12' and Data[@Name='TicketEncryptionType'] !='0x11')]]"