EvotecIT/PSEventViewer

XPath query is incorrect for -NamedDataFilter and -NamedDataExcludeFilter

Closed this issue · 1 comments

Hi Przemyslaw!

I stumbled upon your module in search of speeding up scanning eventlogs. I really appreciate your work and your article "everything you wanted to know about eventlogs".
I love the speed and the features like getting named properties back as object properties. Really cool stuff.

In order to brush up my slow filtering code, I tried to figure out how the named filters work.
I discovered two issues:

  1. If I use an array of strings inside the filter hash, the XPath query becomes invalid (it works fine with one value) (see issue #7)
    $XPath = Get-EventsFilter -NamedDataFilter @{ FieldName = 'Value1' } -LogName 'xx' -XPathOnly
    returns a query, which does not return expected results
    *[EventData[Data[@Name='FieldName'] = 'Value1' or 'Value2']]
  2. Similar is the case when using filters to exclude events,
    Get-EventsFilter -NamedDataFilter @{ FieldName = ('Value1','Value2') } -LogName 'xx' -XPathOnly
    returns
    *[EventData[Data[@Name='FieldName'] != 'Value1' or 'Value2']]
    The problem seems to be that Get-EventsFilter does not handle both cases correctly.
    For example 1
    *[EventData[Data[@Name='FieldName'] != 'Value1' or Data[@Name='FieldName'] != 'Value2']]
    it seems it would be valid.

I think I'm on a good track to deliver a fix. I hope that's ok for you.

Regards,
Wolfgang

Hello, you're more than welcome to do that! Looking forward to the PR :-)
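The multi-value behaviour discussed in this issue, as an added example that is not PSEventViewer's code or its eventual fix: each value gets its own `Data[@Name=...]` comparison, joined with `or` for inclusion and with `and` for exclusion, so that an event carrying any excluded value is dropped. `Join-NamedDataXPath`, `Get-MatchingRecordId` and the sample events are hypothetical and constructed here. `Select-Xml` uses .NET's XPath 1.0 engine rather than the Event Log service's XPath subset, so the run illustrates only the boolean logic; in XPath 1.0 a bare non-empty string literal such as `'Value2'` converts to true.

```powershell
# Added example; Join-NamedDataXPath and Get-MatchingRecordId are hypothetical helpers,
# not part of PSEventViewer.
function Join-NamedDataXPath {
    param([Parameter(Mandatory)][hashtable] $NamedData, [switch] $Exclude)
    # Include: any listed value may match (or). Exclude: no listed value may match (and).
    $operator = if ($Exclude) { '!=' } else { '=' }
    $joiner   = if ($Exclude) { ' and ' } else { ' or ' }
    $groups = foreach ($name in $NamedData.Keys) {
        $terms = foreach ($value in @($NamedData[$name])) {
            # XPath 1.0 string literals have no escape sequence, so refuse embedded quotes.
            if ("$name$value" -match "['""]") { throw "Quote character in filter for $name" }
            "Data[@Name='$name'] $operator '$value'"
        }
        '(' + ($terms -join $joiner) + ')'
    }
    # Assumption: conditions on different fields must all hold, so groups are joined with 'and'.
    "*[EventData[$($groups -join ' and ')]]"
}

# Constructed sample events, wrapped in <Events> and without the event namespace.
[xml] $sample = @'
<Events>
  <Event><System><EventRecordID>1</EventRecordID></System>
    <EventData><Data Name="FieldName">Value1</Data></EventData></Event>
  <Event><System><EventRecordID>2</EventRecordID></System>
    <EventData><Data Name="FieldName">Value2</Data></EventData></Event>
  <Event><System><EventRecordID>3</EventRecordID></System>
    <EventData><Data Name="FieldName">Value3</Data></EventData></Event>
</Events>
'@

# Returns the EventRecordID of every sample event the query selects.
function Get-MatchingRecordId {
    param([xml] $Xml, [string] $Query)
    Select-Xml -Xml $Xml -XPath "/Events/$Query" | ForEach-Object { $_.Node.System.EventRecordID }
}

$queries = [ordered]@{
    AsReported = "*[EventData[Data[@Name='FieldName'] = 'Value1' or 'Value2']]"
    Include    = Join-NamedDataXPath -NamedData @{ FieldName = ('Value1', 'Value2') }
    Exclude    = Join-NamedDataXPath -NamedData @{ FieldName = ('Value1', 'Value2') } -Exclude
}
foreach ($label in $queries.Keys) {
    $ids = (Get-MatchingRecordId $sample $queries[$label]) -join ','
    '{0,-10} {1} -> record IDs: {2}' -f $label, $queries[$label], $ids
}
```

Because `!=` against an empty node-set is false in XPath 1.0, the exclusion form also skips events that lack the named field entirely, which matters when the filter feeds a detection query.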