|Purpose:||Monitor Windows Registry keys|
|Format:||REGMONITOR [/C [key]]|
REGMONITOR [/=] key NAME ATTRIBUTES VALUE SECURITY n command
|NAME||Subkey added or deleted|
|ATTRIBUTES||Changes to the key attributes (such as the security descriptor information)|
|VALUE||Changes to the value of a key|
|SECURITY||Changes to the security descriptor|
|n||Number of repetitions (or FOREVER)|
|command||Command to execute when condition is triggered|
The command line will be parsed and expanded before REGMONITOR is executed, so if you want to pass redirection characters or variables to command you will need to protect them (by enclosing in single back quotes, doubling the %'s, or using command grouping).
If the last argument on the line is a single (, it is interpreted as the beginning of a command group. REGMONITOR will append the following lines (in a batch file) or prompt you for more input (at the command line) until it gets a closing ).
If you don't enter any arguments, REGMONITOR will display the registry keys it is currently monitoring.
The key must begin with either the full root key or the short name:
|Full root key||Short|
If you append a \* to the key, REGMONITOR will monitor the specified key and all of its subkeys.
The monitoring runs asynchronously in a separate thread. When the condition is triggered, the command will be executed immediately. This may cause problems if you try to write to the display or access files while the main TCC thread is also performing I/O. You may need to use START or DETACH in command to avoid conflicts.
regmonitor "HKCU\Software\JP Software\Take Command 24\*" name value forever echo Windows Registry updated!
|/=||Display the REGMONITOR command dialog to help you set the command line options. The /= option can be anywhere on the line; additional options will set the appropriate fields in the command dialog.|