SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing

EVENT ID 23 example typo #152

Closed Richman711 closed 2 years ago

Richman711 commented 3 years ago

The example is for event ID 24, it should be "FileDelete", not "ClipboardChange". If you try to implement both you will receive an error about it already being defined.

On a side note, the "include" will mean that it effectively is turned off. Would recommend using the exclude so when people uncomment it they can begin trimming unnecessary file paths.

<!--SYSMON EVENT ID 23 : FILE DELETE [FileDelete]-->
    <!--EVENT 22: "File Delete"-->
    <!--COMMENT:    Sandbox usage. When a program signals to Windows a file should be deleted or wiped, Sysmon may be able to capture it. 
        [ https://isc.sans.edu/forums/diary/Sysmon+and+File+Deletion/26084/ ]
    -->

    <!--DATA: RuleName, UtcTime, ProcessGuid, ProcessId, User, Image, TargetFilename, Hashes, IsExecutable, Archived -->

<!--
<RuleGroup name="" groupRelation="or">
    <ClipboardChange onmatch="include">
    </ClipboardChange>
</RuleGroup>
-->
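An added lint script, not part of this issue or of the sysmon-config project, that parses a constructed config fragment and flags the two problems the report describes: an event type declared twice (which Sysmon rejects as already defined) and an include block with no rules (which logs nothing). It assumes the duplicate check should key on the event tag together with its onmatch value.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample mirroring the typo: the "EVENT ID 23" section declares
# ClipboardChange (event 24) instead of FileDelete, so ClipboardChange ends up
# declared twice, and the first copy is an include block with no rules.
SAMPLE_CONFIG = r"""<Sysmon schemaversion="4.30">
  <EventFiltering>
    <!-- EVENT ID 23 section as shipped: wrong tag, empty include -->
    <RuleGroup name="" groupRelation="or">
      <ClipboardChange onmatch="include">
      </ClipboardChange>
    </RuleGroup>
    <!-- EVENT ID 24 section: the legitimate ClipboardChange block -->
    <RuleGroup name="" groupRelation="or">
      <ClipboardChange onmatch="include">
        <Image condition="image">cmd.exe</Image>
      </ClipboardChange>
    </RuleGroup>
    <!-- What EVENT ID 23 should look like: exclude-based FileDelete -->
    <RuleGroup name="" groupRelation="or">
      <FileDelete onmatch="exclude">
        <TargetFilename condition="begin with">C:\Windows\Temp\</TargetFilename>
      </FileDelete>
    </RuleGroup>
  </EventFiltering>
</Sysmon>"""


def lint_sysmon_config(xml_text):
    """Return (severity, message) findings for a Sysmon config string.

    - error: an event tag declared more than once with the same onmatch,
      which Sysmon refuses to load ("already defined")
    - warn: an include block with no child rules, which is effectively
      turning that event type off
    """
    root = ET.fromstring(xml_text)
    findings = []
    seen = Counter()
    for group in root.iter("RuleGroup"):
        for event in group:  # each child is an event type, e.g. FileDelete
            onmatch = event.get("onmatch", "")
            seen[(event.tag, onmatch)] += 1
            if onmatch == "include" and len(event) == 0:
                findings.append(("warn", f"{event.tag} onmatch=include has no rules; nothing will be logged"))
    for (tag, onmatch), count in seen.items():
        if count > 1:
            findings.append(("error", f"{tag} onmatch={onmatch} is defined {count} times"))
    return findings
```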