Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Live Chat

How to monitor a folder for changes?

Be it confidential customer information or critical resource's configuration files, change monitoring helps to maintain the integrity of these data. Many tools including native Windows PowerShell can help you perform folder change monitoring. However, it isn't easy to come up with scripts and perform this task without a glitch. An easy way to monitor the changes to files and folders is through AD auditing solution like ADAudit Plus.

The following is a comparison between monitoring a folder for file changes with Windows PowerShell and ADAudit Plus:

Windows PowerShell

Steps to monitor a folder for file changes using PowerShell:

  • The .Net FileSystemWatcher class can be used to monitor file/folder changes. File changes could be events such as created, modified, moved, renamed and deleted. The script below is subscribed for three of the events (created, deleted and changed) 
    $folder = 'c:\powershell\test' 
    $filter = '*.*'                
    $fsw = New-Object IO.FileSystemWatcher $folder, $filter -Property @{IncludeSubdirectories = $true;NotifyFilter = [IO.NotifyFilters]'FileName, LastWrite'}
  • With the help of the below script, we can record any of the events or all of them depending on your requirement. 
    Register-ObjectEvent $fsw Created -SourceIdentifier FileCreated -Action {
$name = 
$Event.SourceEventArgs.Name
$changeType = 
$Event.SourceEventArgs.ChangeType
$timeStamp = 
$Event.TimeGenerated 
    Write-Host "The file '$name' was $changeType at $timeStamp" -fore green 
    Out-File -FilePath c:\scripts\filechange\outlog.txt -Append -InputObject "The file '$name' was $changeType at $timeStamp"} 
     
    Register-ObjectEvent $fsw Deleted -SourceIdentifier FileDeleted -Action { 
    $name = $Event.SourceEventArgs.Name 
    $changeType = $Event.SourceEventArgs.ChangeType 
    $timeStamp = $Event.TimeGenerated 
    Write-Host "The file '$name' was $changeType at $timeStamp" -fore red 
    Out-File -FilePath c:\scripts\filechange\outlog.txt -Append -InputObject "The file '$name' was $changeType at $timeStamp"} 
     
    Register-ObjectEvent $fsw Changed -SourceIdentifier FileChanged -Action { 
    $name = $Event.SourceEventArgs.Name 
    $changeType = $Event.SourceEventArgs.ChangeType 
    $timeStamp = $Event.TimeGenerated 
    Write-Host "The file '$name' was $changeType at $timeStamp" -fore white 
    Out-File -FilePath c:\scripts\filechange\outlog.csv -Append -InputObject "The file '$name' was $changeType at $timeStamp"}
     Copied
    Click to copy entire script
  • Report will be generated in the format (CSV, HTML, XLS, PDF) defined in the script. For instance, in the above mentioned script, the report will be generated in a CSV format.

ADAudit Plus

Steps to monitor a file/folder change using ADAudit Plus:

  • Login to ADAudit Plus → Go to File Audit tab → Under File Audit Reports section on the left pane→ Click All Files or Folders Changes Reports.
    powershell-monitor-folder-for-changes-1

  • The details you will find in this report are:

    • Name of the file/folder changed
    • The user who made the change
    • The user who made the change
    • Location of the file/folder
  • Select Export As to export the report in any of the preferred formats (CSV, PDF, HTML, CSVDE and XLSX).

The following are the limitations of using Windows PowerShell to monitor a folder for changes:-

  • We can run this script only from the computers which has Active Directory Domain Services role.
  • The script has to be modified if you wish to change the date formats.
  • Parts of the script will have to be changed if you wish to export the script in a different format.
  • Applying more filters would add to the complexity of the script.

ADAudit Plus on the other hand will swiftly generate reports by scanning all the DCs and these reports can be exported in multiple formats.

» Start 30-day Free Trial

  • Avoid complex PowerShell-scripting, and simplify AD change auditing with ADAudit Plus.
  • Get Your Free Trial
  • Avoid complex PowerShell-scripting, and simplify AD change auditing with ADAudit Plus.
  • US
  • By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.
  • Thanks!
  • Your download is in progress and it will be completed in just a few seconds! If you face any issues, download manually here.

Related Resources

ADAudit Plus Trusted By

Meet all auditing and IT security needs with ADAudit Plus.

  • Active Directory
  • File servers
  • Windows server
  • Workstation
  • Compliance
  • Related Products

A single pane of glass for complete Active Directory Auditing and Reporting

Free Trial Get Quote
Email Download Link
Back to Top