If you were looking for some info on comparison between sysmon's filters and the filters usage in the extension, we published a bit of details on that: https://blog.eclecticiq.com/comparing-sysmon-and-eclecticiq-endpoint-response-event-filters