diff --git a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
index a332ef1410..a53e3cf169 100644
--- a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
+++ b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
@@ -17,14 +17,15 @@ ms.date: 10/12/2018
 
 Since the Security log uses a manifest, you can get all of the event schema from the workstation.
 
-Run this from an elevated powershell prompt:
+Run the following from an elevated PowerShell prompt:
 
 ```powershell
 $secEvents = get-winevent -listprovider "microsoft-windows-security-auditing"
 ```
 
 The .events property is a collection of all of the events listed in the manifest on the local machine.
-For each event there is a .Template property for the XML template used for the event properties (if there are any.)
+
+For each event, there is a .Template property for the XML template used for the event properties (if there are any).
 
 For example: