Domenic DiPasquale

Tracking changes made within active directory.

I seem to have an employee that's making changes to security groups within Active Directory that were not permitted. Is it possible to track changes made with Event Viewer? Ideally what was changed, by whom, and at what date and time. Any suggestions? Thank you for your time.
Sean

This script would be the way that I would take care of this.

https://gallery.technet.microsoft.com/scriptcenter/bfa06e91-a6d0-4d41-ab6d-eb7fd19c1704

It will email you every time a group membership is changed and should get you the information you are looking for. I would set up a scheduled task to run it every 15 min or so.

Otherwise you would be looking at getting some type of 3rd party software to track and log this information without having to go through the event logs on your own. Be sure this script is running on every DC.
Domenic DiPasquale

ASKER

Thank you Sean. I'll try using the script within the link at some point. I've also found an article for setting up auditing AD DS.
https://technet.microsoft.com/en-us/library/cc731607(WS.10).aspx
ferrarista

Remember you need to set up success audit for that (failure audit should also be used).

See this link for best practices.
Check this article, which explains how to track changes made in Active Directory:
https://www.lepide.com/how-to/track-changes-in-active-directory.html

You may also get help from auditing solutions like Lepide and ManageEngine to track such changes and monitor their day-to-day activities.

Hope this helps!
I've set up the scripts to alert when changes are made to the security groups in question. I've also configured auditing for AD DS. Thank you for your help.
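
As an added example (not part of this thread or the linked script), the PowerShell below answers the original question from the event log: it reads the group-membership events from each domain controller's Security log and reports what changed, who changed it, and when. It assumes success auditing of Security Group Management is enabled on the DCs; the function names are hypothetical, and the DC names, group name and sample event are constructed placeholders.

```powershell
# Added example. Security-log event IDs for membership changes to security-enabled groups.
$GroupChangeIds = @{
    4728 = 'added to global group';       4729 = 'removed from global group'
    4732 = 'added to domain local group'; 4733 = 'removed from domain local group'
    4756 = 'added to universal group';    4757 = 'removed from universal group'
}
function ConvertFrom-GroupChangeXml {
    param([xml]$EventXml, [string]$Source, [datetime]$Time)
    $d = @{}   # flatten <Data Name="x">value</Data> into a lookup table
    foreach ($n in $EventXml.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
    [pscustomobject]@{
        Time      = $Time
        DC        = $Source
        Action    = $GroupChangeIds[[int]$EventXml.Event.System.EventID]
        Group     = $d['TargetUserName']
        Member    = $d['MemberName']
        ChangedBy = '{0}\{1}' -f $d['SubjectDomainName'], $d['SubjectUserName']
    }
}
function Get-GroupMembershipChange {
    param([string[]]$ComputerName, [string[]]$GroupName, [datetime]$Since = (Get-Date).AddMinutes(-15))
    $filter = @{ LogName = 'Security'; Id = @($GroupChangeIds.Keys); StartTime = $Since }
    foreach ($dc in $ComputerName) {
        try { $events = Get-WinEvent -ComputerName $dc -FilterHashtable $filter -ErrorAction Stop }
        catch {
            # "No matching events" is the normal quiet case; any other error means this DC went unchecked.
            if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') { Write-Warning "Could not read the Security log on ${dc}: $_" }
            continue
        }
        $events |
            ForEach-Object { ConvertFrom-GroupChangeXml -EventXml ($_.ToXml()) -Source $dc -Time $_.TimeCreated } |
            Where-Object { -not $GroupName -or $_.Group -in $GroupName }
    }
}
# Constructed sample event, trimmed to the fields used, so the parser can be tried offline.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4728</EventID></System>
  <EventData>
    <Data Name="MemberName">CN=Test User,OU=Staff,DC=example,DC=com</Data>
    <Data Name="TargetUserName">Finance-RW</Data>
    <Data Name="SubjectUserName">jdoe</Data><Data Name="SubjectDomainName">EXAMPLE</Data>
  </EventData>
</Event>
'@
ConvertFrom-GroupChangeXml -EventXml $sample -Source 'DC01' -Time (Get-Date '2024-01-15 09:30')
# Live use on a schedule (DC01, DC02 and the group name are placeholders):
# Get-GroupMembershipChange -ComputerName DC01, DC02 -GroupName 'Finance-RW'
```

The default 15-minute window matches the scheduled-task interval suggested above; each change is logged only on the DC that processed it, so every DC has to be queried.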