How to watch filesystem changes remotely in Windows

To start, there are some prerequisites you need to download in order to do this effectively. Download Stackless Python 2.5.2

http://www.stackless.com

Download the Python win32 extensions by Mark Hammond

http://python.net/crew/mhammond/

It should then work by running "python NetworkOSwatching.py" from the command line. To run the prebuilt binary,
please make sure you have Windows Vista with SP1; some problems have been reported running on XP SP2.
If you would like to compile a binary for XP, that would be appreciated too ;)

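This is a server written in Python. It listens on TCP port 8888 on all network interfaces and does not authenticate clients, so limit who can reach the port (for example with a host firewall rule).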

[1] Connect via PuTTY on target computer using a Raw connection to port 8888. Example: "127.0.0.1" 8888 Raw
[2] After a successful connection, enter the command "START" without the quotes
[3] Watch for recursive file system changes

This app uses stackless for threads

Here is a binary and source download…

http://www.techshinobi.com/NetworkOSWatching.zip

To change top level directory modify

path_to_watch = "C:\\"

to anything you choose

example

path_to_watch = os.getcwd()

The Source

import os
import sys
import time
import win32file
import win32event
import win32con

import socket, traceback
import stackless

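# An empty host string makes bind() use INADDR_ANY: the listener accepts
# connections on every network interface, not only loopback. The protocol
# has no authentication or encryption, so reachability of this port should
# be limited (host firewall, or a specific interface address here).
host = ""
port = 8888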

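def handlechild():
    """Serve the connection held in the module-level ``clientsock``.

    Echoes every received chunk back to the peer until the peer closes the
    connection. A chunk equal to ``START`` (ignoring surrounding whitespace)
    hands the connection to ``watchos()``, which streams change
    notifications and does not return on its own.

    The command is accepted from any peer that connects; there is no
    authentication step.
    """
    # Capture the socket now: the accept loop rebinds the global name on
    # every new connection.
    sock = clientsock
    print("Got connection from %s" % (sock.getpeername(),))
    try:
        while 1:
            data = sock.recv(4096)
            if not data:
                # Empty read: the peer closed the connection.
                break
            # Terminal clients in raw mode usually append CR/LF to the typed
            # line, so compare the stripped chunk rather than the raw bytes.
            if data.strip() == "START":
                watchos()
            sock.sendall(data)
    except socket.error:
        # A dropped or reset client: log it and fall through to the close.
        traceback.print_exc()
    finally:
        # Always release the client socket, including when watchos() raises.
        sock.close()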

# Listening TCP socket; the accept loop at the bottom of the file uses it.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# NOTE(review): on Windows, SO_REUSEADDR also allows another process to bind
# the same address and port; SO_EXCLUSIVEADDRUSE is the usual choice for a
# listener there -- confirm it is available on the Python build in use.
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

# Bind to (host, port) and allow up to 10 queued connection requests.
listen_address = (host, port)
s.bind(listen_address)
s.listen(10)

# This Function taken and modified from
# http://timgolden.me.uk/python/win32_how_do_i/watch_directory_for_changes.html
# All credit to him

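def watchos():
    """Stream recursive change notifications for ``path_to_watch`` to the client.

    Sends one banner line to the module-level ``clientsock`` and then, for
    every batch returned by ``ReadDirectoryChangesW``, one line per change
    holding the full path and the action name. Runs until a socket or win32
    call raises; the directory handle is closed on the way out.

    File names are written to the socket as plain text.
    """
    # Access right used to open a directory for listing / change notification.
    FILE_LIST_DIRECTORY = 0x0001
    # Names for the action codes delivered with each change record.
    ACTIONS = {
        1: "Created",
        2: "Deleted",
        3: "Updated",
        4: "Renamed from something",
        5: "Renamed to something",
    }
    # Top-level directory to watch; change this to watch another tree.
    path_to_watch = os.path.abspath("C:\\")

    # sendall() instead of send(): send() may transmit only part of the data.
    clientsock.sendall("Watching %s at %s" % (path_to_watch, time.asctime()))

    # Open the directory handle once. The original reopened it on every pass
    # of the loop and never closed it, leaking one handle per batch.
    hDir = win32file.CreateFile(
        path_to_watch,
        FILE_LIST_DIRECTORY,
        win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE,
        None,
        win32con.OPEN_EXISTING,
        # Required to obtain a handle to a directory rather than a file.
        win32con.FILE_FLAG_BACKUP_SEMANTICS,
        None
    )
    try:
        while 1:
            # Blocks until at least one change is reported, then returns a
            # list of (action, filename) pairs.
            # NOTE(review): 1024 bytes is a small buffer for a recursive
            # watch of a whole drive; when more changes arrive than fit,
            # notifications are presumably dropped -- treat this stream as
            # best-effort, not as a complete record.
            results = win32file.ReadDirectoryChangesW(
                hDir,
                1024,  # result buffer size in bytes
                True,  # include subdirectories
                win32con.FILE_NOTIFY_CHANGE_FILE_NAME |
                win32con.FILE_NOTIFY_CHANGE_DIR_NAME |
                win32con.FILE_NOTIFY_CHANGE_ATTRIBUTES |
                win32con.FILE_NOTIFY_CHANGE_SIZE |
                win32con.FILE_NOTIFY_CHANGE_LAST_WRITE |
                win32con.FILE_NOTIFY_CHANGE_SECURITY,
                None,
                None
            )
            for action, filename in results:
                full_filename = os.path.join(path_to_watch, filename)
                theact = ACTIONS.get(action, "Unknown")
                # NOTE(review): str() on a non-ASCII unicode name raises
                # under Python 2 -- confirm the type returned here and
                # encode explicitly if needed.
                # A space now separates path and action; the original ran
                # them together ("C:\\a.txtCreated").
                clientsock.sendall(
                    "\n" + str(full_filename) + " " + str(theact) + "\n"
                )
    finally:
        hDir.Close()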

# Accept loop: take a connection, then run handlechild() for it in a tasklet.
while True:
    try:
        clientsock, clientaddr = s.accept()
    except KeyboardInterrupt:
        # Ctrl-C stops the server.
        raise
    except:
        # Any other accept() failure is logged and the loop keeps listening.
        traceback.print_exc()
    else:
        # The channel is created but nothing in this file reads or writes it.
        channel = stackless.channel()
        stackless.tasklet(handlechild)()
        # NOTE(review): run() presumably does not return until the tasklet
        # finishes, so connections are served one at a time -- confirm.
        stackless.run()
