question

File SQL.log is randomly created in Windows/temp folder, which start growing and growing. I deleted, but I would like to be alerted as soon it is created to be able to "read" it and prevent the issue in other servers.

This one might help.

https://gallery.technet.microsoft.com/scriptcenter/Powershell-FileSystemWatche-dfd7084b

Hi

You can achieve that with Windows Auditing natively too.

To activate:

• Type gpmc.msc, or gpedit.msc.

• Navigate to “Computer Configuration” ➔ “Windows Settings” ➔ “Security Settings” ➔ “Local Policies” ➔ “Audit Policy”.

• Double-click “Audit Object Access”

• Click “Define these policy settings” checkbox. Click “Success” and “Failure”.

Now, you need to select that auditing to the folder;

• Open “Windows Explorer”, and navigate to the folder that you want to track.

• Right-click the folder and select “Properties”, and go to the Security tab

• Click “Advanced” to access “Advanced Security Settings”. In “Advanced Security Settings” window, navigate to “Auditing” tab.

• To create a new auditing entry, click “Add”. “Auditing Entry” window will appears

• Click “Select a Principal” to choose users whose activities you want to track, for your case select Everyone, or if your SQL instance run under a username, please add it there, it will limit the scoop of the auditing.

• Click Ok, Select “All” in “Type” drop-down menu.

• Select the permission you want, and click ok 3 time to get out of that windows.

  
  

Now to monitor it, we will check the event viewer.

Filter on the event id 4616, to see file creation.