PowerShell : Monitor changes to web-files (with alert)

If you wish to track changes to files, mainly web shared files then you can utilise PowerShell to do this without any issues then you can use this script, this was originally generated to monitor the changes in a PAC file, but can be used for any web configuration file.

Many times its not the change to the files or content that causes the issue, but the fact that sometimes the changes result in undocumented behaviour - this is also know as a "bug" - but without any notification it can be hard to track this type of activity down.

# Function to download the configuration file
function Download-PacFile {
    param (
        [string]$url
    )

    $webClient = New-Object System.Net.WebClient
    $pacContent = $webClient.DownloadString($url)
    return $pacContent
}

# Function to send email
function Send-Email {
    param (
        [string]$subject,
        [string]$body
    )

    $smtpServer = "<mail_server>"
    $smtpPort = <mail_port>
    $senderEmail = "monitor@bythepowerofgreyskull.com"
    $receiverEmail = "skeletor@bythepowerofgreyskull.com"
    $smtp = New-Object Net.Mail.SmtpClient($smtpServer, $smtpPort)
    $smtp.EnableSsl = $true

    $msg = New-Object Net.Mail.MailMessage($senderEmail, $receiverEmail, $subject, $body)
    $smtp.Send($msg)
}

# Main function to monitor the PAC file for changes

function Monitor-ConfigFile {
    param (
        [string]$url
    )

    $currentContent = $null
    $changesString = ""

    while ($true) {

        try {
            $pacContent = Download-PacFile -url $url

            if (-not $currentContent) {

                Write-Host "Initial snapshot taken - Skeletor tracking changes....."

                $currentContent = $pacContent

            }

            elseif ($pacContent -ne $currentContent) {

                Write-Host "PAC file has changed!"

                $currentLines = $currentContent -split '\r?\n'

                $newLines = $pacContent -split '\r?\n'

                $changes = Compare-Object $currentLines $newLines

                foreach ($change in $changes) {

                    if ($change.SideIndicator -eq "=>") {

                        $changesString += "Added: $($change.InputObject)`n"

                    }

                    elseif ($change.SideIndicator -eq "<=") {

                        $changesString += "Removed: $($change.InputObject)`n"

                    }

                }

                Send-Email -subject "By the power of Greyskull, updates detected" -body "The configuration file has changed. Please review the updates.`n`nChanges:`n$changesString"

                $currentContent = $pacContent

            }

            else {

                Write-Host "All hail Megatron! : No change detected"

            }

        }

        catch {

            Write-Host "An error occurred: $_"

        }

        Start-Sleep -Seconds 600  # Check every minute

    }
}

# Usage Protocol
$pacUrl = "<web_configuration_file>"
Monitor-ConfigFile -url $pacUrl

This creates a function in PowerShell and then defines the configuration file at the bottom of the script, if you wish to run the Montor-PacFile script then first after you save the file for this I have used Config_Monitor.ps1, you first need to import the module like this:

Import-Module ./Config_Monitor.ps1

Then once you have imported this module you can then run the syntax as per the script:

Monitor-ConfigFile -url $pacUrl

This will then take a snapshot as below which is stored in memory, and then at the interval, which is 600 seconds as default, it will check the file again for changes:

If you get "No Change Detected" all is well, but if you do see changes you will get an email like this: