Have a situation where we have a high security level folder on the File server giving access to a particular Group.

We recently found that some unwanted/authorised Users have been added to this Group granting them access to this folder and subfolders.

How do I set up a Monitor in SCOM to Alert me if a user is Added/Removed from this Folder.

Do i setup monitoring at AD Level since the access Group is from AD or do I monitor from FileServer Level as users can be added explicitly or do I monitor both sides?

I have implemented Monitoring of AD group Modification to monitor Domain Admins group membership additions in SCOM.

I would like to do something similar but not sure where to start off from.

Please note, I do not want to monitor File Sizes or changes to Permissions.
Trying to monitor user addition and removal from a Folder.

Steve P answered