File Change Tripwire

A simple PowerShell script to monitor selected folders/filetypes for changes, then e-mail results.

  1. Ian

    Ian Administrator

    Joined:
    Oct 27, 2013
    Messages:
    1,154
    Likes Received:
    367
    Ian submitted a new article:

    File Change Tripwire - A simple PowerShell script to monitor selected folders/filetypes for changes, then e-mail results.

    Read more about this article...
     
    Last edited: Dec 6, 2017
    Ian, Dec 6, 2017
    #1
    Regedit32 likes this.
    1. Advertisements

  2. Ian

    Regedit32 Moderator

    Joined:
    Mar 4, 2016
    Messages:
    2,762
    Likes Received:
    833
    This is a great script Ian.

    Something you might consider including is a function to confirm the User belongs to the Administrative Group.

    For example:

    Code (Text):
    function ConfirmUserIsAdministrator {
        [CmdletBinding()]
        Param()
        ${CmdletName} = $Pscmdlet.MyInvocation.MyCommand.Name
        ${Identity} = [System.Security.Principal.WindowsIdentity]::GetCurrent()
        ${Principal} = new-object System.Security.Principal.WindowsPrincipal(${Identity})
        ${IsAdmin} = $Principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
       
        if (-not ${IsAdmin}) {
            Write-Error -Message "${CmdletName}: User is not an administrator. To continue run application as administrator." `
                        -RecommendedAction "Run application as administrator" `
        }
        else {
            Write-Host "Scanning selected directory"
        }
    }
    ConfirmUserIsAdministrator

    # Then your code goes here for the $Event's
     
    Regedit32, Dec 6, 2017
    #2
    Ian likes this.
    1. Advertisements

  3. Ian

    Ian Administrator

    Joined:
    Oct 27, 2013
    Messages:
    1,154
    Likes Received:
    367
    A handy snippet! I'll integrate that when I give it an overhaul :).
     
    Ian, Dec 6, 2017
    #3
  4. Ian

    Regedit32 Moderator

    Joined:
    Mar 4, 2016
    Messages:
    2,762
    Likes Received:
    833
    That snippet is based on a non termination error message [ i.e. the program is not stopped as a result ].

    If you use this you'll see a red error message in the console, if user is not the admin or is not running the script as administrator. Thus they would need to close it and re-open when one or both conditions are met.

    If you'd rather have the script terminate then you'd nee to use a throw error.
     
    Regedit32, Dec 6, 2017
    #4
    Ian likes this.
  5. Ian

    Ian Administrator

    Joined:
    Oct 27, 2013
    Messages:
    1,154
    Likes Received:
    367
    I think I'll be re-using this snippet across a few scripts, thanks for posting it :D. I'm hoping to add a few items from the "to do" list to the tripwire script, so I'll include this then.
     
    Ian, Dec 7, 2017
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.