To quickly monitor the actions made by the members of the Domain Admins, you can create a dynamic watchlist with similar filter :
I think you might be able to use the Windows Advanced Audit Policy Configuration/Account Management on your domain controllers to monitor what modifications have been made on your groups.
Also create a Correlation Rule to trigger whenever someone is doing modification on the monitored groups.
Let me know what you think about this.
It appears I have solved my own issue. It was due to an oversight in forgetting to include port 3268 for GC querying. By specifying <IP of global catalog server>:3268 on the Sources tab for an LDAP query in a watchlist I can now crawl all domains.
Hope this helps anyone else that may have been stuck.