If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
How do I monitor a folder and email changes once a day?
I have three different folders I need to monitor on a server. One for new folders and files added, one for files removed or deleted, and the other directory for files that have changed or been modified. I need a separate email sent to specified email addresses for each directory once a day, at a specified time, and its content will list the folders and files that have been added, modified, or deleted. I have tried folder spy but it sends emails for every single change and that’s just too many emails. Would prefer a PowerShell script that I could run as a scheduled task but at this point anything that will work I am interested in. Can anyone help?
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Just a new list. Basically, what has changed since the last email was sent out. I need the task done automatically so it does not become another added daily task. The first directory is basically and "Inbox" for a specific group of employees to copy their completed work too. Then another specific group would get notified that there are files waiting for them so they could move the file out to another location.
The other two locations are just for monitoring sensitive restrictive directories.
The other two locations are just for monitoring sensitive restrictive directories.
I would go the "compare to snapshot" way. The only issue is that you need to create the first snapshot manually.
Alternatively, you can trust to the archive bit (but need to reset it after processing to make it work) for added or changed files.
For deleted files you'll always need a reference, if not using a trigger (file system watcher).
Alternatively, you can trust to the archive bit (but need to reset it after processing to make it work) for added or changed files.
For deleted files you'll always need a reference, if not using a trigger (file system watcher).
The first approach I mentioned would look something like this (didn't get a chance to test it) but you'd need to compile this into a service with PowerGUI. You can have functions fire when the file changes are done, so for example if a user makes a new file and it has the word 'invoice' in it, you get an email alert right away. Otherwise it could just log the change and then send in the email later on. It'd look like this:
$folder = 'c:\test\'
$filter = '*.*'
$logFolder = 'c:\log\'
$smtpServer = '192.168.1.1'
$smtpFrom = 'technotices@yourcompany.com'
$smtpTo = 'support@yourcompany.com'
$fsw = New-Object IO.FileSystemWatcher $folder, $filter -Property @{IncludeSubdirectories = $false;NotifyFilter = [IO.NotifyFilters]'FileName, LastWrite'}
function GetLogFile
{
$date = Get-Date
$logFile = $logFolder + $date.Month + "-" + $date.Day + "-fileChange.log"
return $logFile
}
function RecordMessage ($message)
{
$logFile = GetLogFile
Add-Content -Path $logFile -Value $message
}
function SendLogEmail
{
$logFile = GetLogFile
$subject = "Log File for " + $date
Send-MailMessage -SmtpServer $smtpServer -From $smtpFrom -To $smtpTo -Attachments $logFile -Subject $subject -Body "Log file attached."
}
Register-ObjectEvent $fsw Created -SourceIdentifier FileCreated -Action {
$name = $folder + $Event.SourceEventArgs.Name
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
$message = $name + " was " + $changeType + " at " + $timestamp + "."
RecordMessage $message
}
Register-ObjectEvent $fsw Deleted -SourceIdentifier FileDeleted -Action {
$name = $folder + $Event.SourceEventArgs.Name
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
$message = $name + " was " + $changeType + " at " + $timestamp + "."
RecordMessage $message
}
Register-ObjectEvent $fsw Changed -SourceIdentifier FileChanged -Action {
$name = $folder + $Event.SourceEventArgs.Name
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
$message = $name + " was " + $changeType + " at " + $timestamp + "."
RecordMessage $message
}
while($true)
{
$time = Get-Date
if ($time.Hour -eq 23 -and $time.Minute -eq 59 -and $time.Second -eq 58) {SendLogEmail}
Start-Sleep -Seconds 1
}
To do it with a "snapshot" file, I'd recommend loading those CSVs into datatables, then doing a compare there to generate the differences. This EE answer from another question shows how I'd do the datatable compares:
foreach ($row in $dt1.Rows)
{
$sqlRow = $dt2.Select("ID="+$row.ID)
if ($sqlRow.Length -ne 0)
{
Write-Host "Update action."
}
else
{
Write-Host "Insert action."
}
}
foreach ($row in $dt2.Rows)
{
$compareRow = $dt1.Select("ID="+$row.ID)
if ($compareRow.Length -eq 0)
{
Write-Host "Remove Action."
}
}
Assuming PowerShell 3.0 or above, a simplified approach is:
$smtpParam = @{
SmtpServer = 'mail.domain.com'
from = 'me@domain.com'
to = 'you@domain.com'
}
foreach ($folder in 'C:\Monitoring\Folder1', 'C:\Monitoring\Folder2')
{
$del = $new = $chg = $null
$snapshot_file = 'C:\Monitoring\'+(split-path $folder -leaf)+'-files.txt'
if (test-path $snapshot_file)
{
$snapshot_old = Get-Content $snapshot_file
$snapshot_new = Get-ChildItem -recurse $folder -Name
$cmp = compare-object $snapshot_old $snapshot_new
$new = ($cmp | ? { $_.SideIndicator -eq '=>' }).InputObject
$del = ($cmp | ? { $_.SideIndicator -eq '<=' }).InputObject
$snapshot_date = (Get-ChildItem $snapshot_file).LastWriteTime
$chg = Get-ChildItem -recurse $folder | ? { $_.LastWriteTime -gt $snapshot_date } | Select -Expand Name
}
if ($new) { Send-MailMessage @smtpParam -Subject "$folder - new files" -Body ($new -join "`r`n") }
if ($del) { Send-MailMessage @smtpParam -Subject "$folder - deleted files" -Body ($del -join "`r`n") }
if ($chg) { Send-MailMessage @smtpParam -Subject "$folder - changed files" -Body ($chg -join "`r`n") }
$snapshot_new | Out-File $snapshot_file
}
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
+1 for file system watcher.
https://msdn.microsoft.com/en-us/library/system.io.filesystemwatcher(v=vs.110).aspx
https://msdn.microsoft.com/en-us/library/system.io.filesystemwatcher(v=vs.110).aspx
That's a lot of information, I will experiment with provided input thus far and get back to you a little later. Thanks All.
So to be up front, I am not a PowerShell guy so please bare with me.
So I tried Qlemo's first. I copied everything into PowerShell ISE. I created a folder on my C: drive called Monitoring with two subfolders Folder1 & Folder2. I changed the Smtp server information to an actual server and account. Rand the script and I get;
Compare-Object : Cannot bind argument to parameter 'ReferenceObject' because it is null.
At C:\Users\Employee\Document
+ $cmp = compare-object $snapshot_old $snapshot_new
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Compare-Object], ParameterBindingValidation
ion
+ FullyQualifiedErrorId : ParameterArgumentValidatio
.Commands.CompareObjectCom
Compare-Object : Cannot bind argument to parameter 'ReferenceObject' because it is null.
At C:\Users\Employee\Document
+ $cmp = compare-object $snapshot_old $snapshot_new
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Compare-Object], ParameterBindingValidation
ion
+ FullyQualifiedErrorId : ParameterArgumentValidatio
.Commands.CompareObjectCom
Was there something else I should have changed?
I will try Dustin's now. Thanks all.
So I tried Qlemo's first. I copied everything into PowerShell ISE. I created a folder on my C: drive called Monitoring with two subfolders Folder1 & Folder2. I changed the Smtp server information to an actual server and account. Rand the script and I get;
Compare-Object : Cannot bind argument to parameter 'ReferenceObject' because it is null.
At C:\Users\Employee\Document
+ $cmp = compare-object $snapshot_old $snapshot_new
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Compare-Object], ParameterBindingValidation
ion
+ FullyQualifiedErrorId : ParameterArgumentValidatio
.Commands.CompareObjectCom
Compare-Object : Cannot bind argument to parameter 'ReferenceObject' because it is null.
At C:\Users\Employee\Document
+ $cmp = compare-object $snapshot_old $snapshot_new
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Compare-Object], ParameterBindingValidation
ion
+ FullyQualifiedErrorId : ParameterArgumentValidatio
.Commands.CompareObjectCom
Was there something else I should have changed?
I will try Dustin's now. Thanks all.
The error message means that the snapshot file has been found, but was empty. And indeed, I forgot to create the initial file content :/.
$smtpParam = @{
SmtpServer = 'mail.domain.com'
from = 'me@domain.com'
to = 'you@domain.com'
}
foreach ($folder in 'C:\Monitoring\Folder1', 'C:\Monitoring\Folder2')
{
$del = $new = $chg = $null
$snapshot_file = 'C:\Monitoring\'+(split-path $folder -leaf)+'-files.txt'
$snapshot_new = Get-ChildItem -recurse $folder -Name
if (test-path $snapshot_file)
{
$snapshot_old = Get-Content $snapshot_file
$cmp = compare-object $snapshot_old $snapshot_new
$new = ($cmp | ? { $_.SideIndicator -eq '=>' }).InputObject
$del = ($cmp | ? { $_.SideIndicator -eq '<=' }).InputObject
$snapshot_date = (Get-ChildItem $snapshot_file).LastWriteTime
$chg = Get-ChildItem -recurse $folder | ? { $_.LastWriteTime -gt $snapshot_date } | Select -Expand Name
}
if ($new) { Send-MailMessage @smtpParam -Subject "$folder - new files" -Body ($new -join "`r`n") }
if ($del) { Send-MailMessage @smtpParam -Subject "$folder - deleted files" -Body ($del -join "`r`n") }
if ($chg) { Send-MailMessage @smtpParam -Subject "$folder - changed files" -Body ($chg -join "`r`n") }
$snapshot_new | Out-File $snapshot_file
}
Qlemo, could you provide how I would change the first part to include port and authentication?
$smtpParam = @{
SmtpServer = 'mail.domain.com'
from = 'me@domain.com'
to = 'you@domain.com'
$smtpParam = @{
SmtpServer = 'mail.domain.com'
from = 'me@domain.com'
to = 'you@domain.com'
Authentication is usually not required if inside of your domain. It needs some more effort:
$smtpParam = @{
SmtpServer = 'mail.domain.com'
credential = New-Object System.Management.Automation.PsCredential('MyUser', (ConvertTo-SecureString 'MyPwd' -AsPlainText –force))
Port = 65432
from = 'me@domain.com'
to = 'you@domain.com'
}
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
Option 1 is to record all the files in the folder into a CSV or equivalent and then the scheduled task will compare what changed and send out an email. This doesn't require a running service, etc.
The other option is to create a file system watcher in a dummy service and have that record the changes.
Do you need to see every time the files change or just a list of new, deleted, changed files?