Besitzer von Datei ermitteln über ObjectEvent

Hallo!

Ich möchte in eine Logdatei schreiben wer welche Datei wann in einem bestimmten Verzeichnis abgelegt hat. Dazu habe ich folgendes Skript gefunden:

#By BigTeddy 05 September 2011

#This script uses the .NET FileSystemWatcher class to monitor file events in folder(s).
#The advantage of this method over using WMI eventing is that this can monitor sub-folders.
#The -Action parameter can contain any valid Powershell commands.  I have just included two for example.
#The script can be set to a wildcard filter, and IncludeSubdirectories can be changed to $true.
#You need not subscribe to all three types of event.  All three are shown for example.
# Version 1.1

$folder = 'c:\temp' # Enter the root path you want to monitor.
$filter = '*.*'  # You can enter a wildcard filter here.

# In the following line, you can change 'IncludeSubdirectories to $true if required.
$fsw = New-Object IO.FileSystemWatcher $folder, $filter -Property @{IncludeSubdirectories = $false;NotifyFilter = [IO.NotifyFilters]'FileName, LastWrite, Security'}

# Here, all three events are registerd.  You need only subscribe to events that you need:

Register-ObjectEvent $fsw Created -SourceIdentifier FileCreated -Action {
$name = $Event.SourceEventArgs.Name
$User = $Event.SourceEventArgs.User
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
Write-Host "The file '$name' was $changeType at $timeStamp $User" -fore green
Out-File -FilePath C:\Users\niesel\Documents\Services\outlog.txt -Append -InputObject "The file '$name' was $changeType at $timeStamp"}

Register-ObjectEvent $fsw Deleted -SourceIdentifier FileDeleted -Action {
$name = $Event.SourceEventArgs.Name
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
$User = $Event.SourceEventArgs.Username
Write-Host "The file '$name' was $changeType at $timeStamp $User" -fore red
Out-File -FilePath C:\Users\niesel\Documents\Services\outlog.txt -Append -InputObject "The file '$name' was $changeType at $timeStamp"}

Register-ObjectEvent $fsw Changed -SourceIdentifier FileChanged -Action {
$name = $Event.SourceEventArgs.Name
$changeType = $Event.SourceEventArgs.ChangeType
$timeStamp = $Event.TimeGenerated
$User = $Event.SourceEventArgs.UserName
Write-Host "The file '$name' was $changeType at $timeStamp $User" -fore white
Out-File -FilePath C:\Users\niesel\Documents\Services\outlog.txt -Append -InputObject "The file '$name' was $changeType at $timeStamp"}

# To stop the monitoring, run the following commands:
# Unregister-Event FileDeleted
# Unregister-Event FileCreated
# Unregister-Event FileChanged

Wie kann ich noch zusätzlich den besitzer ermitteln?

VG niesel

Besitzer von Datei ermitteln über ObjectEvent

Trending Articles

Erster Gang springt raus

Audi S6 4,0 TFSI Feldmaßnahme 2406!

Fehler im Motor SG P069100 Kühlerlüfter 1 - Kurzschluss nach Masse

Integralrechnung Bergwerksstollen

X5 E70 rücksitz nicht verriegelt?

Passat B8 Ambientebeleuchtung Plus Codieren?

"der objektverweis wurde nicht auf eine objektinstanz festgelegt "

Mercedes Sprinter w906 ruckelt in Leerlauf bei aufgelassener Kupplung

OM651 Drosselklappe wechseln / Motor eingebaut

Opel Meriva quietscht

Audi a6 4f 3.0 tfsi Motor ausbauen anleitung

Roundup Rekord PowerMax 720 mit 720 gr / L Glyphosat Granulat als Import aus...

Der 7. Zwerg: die Spiral-Loop Antenne

Der Fall Richard Wiertz - Julia Leischik sucht: Bitte melde dich

V-Klasse: Tisch nachrüsten

Synology Drive Status nicht normal

Lego DC Super-Villains – Fundorte aller Roten Steine (Red Bricks Guide)

Ohne Gangwechsel Werkstatt aufsuchen. W212

Bruteier von Reinrassigen Ronquières Puten ( hatching eggs) in Sendenhorst

1,0l EcoBoost 125PS + Wohnwagen