I am trying to parse the XML output from NMAP and isolate just the hostadddress and the vendor from the osmatch. I've actually done that with the following:

select-xml -path nmap.xml -xpath "nmaprun/host/address/@addr|nmaprun/host/os/osmatch/osclass/@vendor" | select -expandproperty node

Which produces:

#text
-----
10.20.30.1
HP
10.20.30.2
Linux
10.20.30.3
HP

What I was not expecting is that it would jam it all into a single column.
Silly me would like the address in one column, and the vendor in another column.
I Would like:

#addr      #vendor
-----      -------
10.20.30.1 HP
10.20.30.2 Linux
10.20.30.3 HP

In the several hours I spent learning xpath today, I also realized that this file has a single address for each host, but multiple OS guesses for each host. I would also like to use only the first osGuess in the output. Tired using:

-xpath "(nmaprun/host/os/osmatch/osclass/@vendor)[1]"

But that truncates the whole data set to a single line of output, instead of only limiting the only the first osclass element of each host. Changing the parens to surround only the @vendor element like .../(@vendor)[1] and .../(@vendor[1]) but both fail with "Expression must evaluate to a node-set."

Thanks in advance