If you have auditing enabled on the server then you can see the audit of this event in the Security Log. If auditing is not enabled then there is no logging of the event.
You can turn auditing on with the "Local Security Policy" tool in administrative tools. (Alternately, there are similar settings in Group policies, so that they can be applied to a number of servers at once.)
In the Local Security Policy tool navigate to security settings -> Local Policies -> Audit Policy and turn on "Audit Object Access". In this case you want to know when someone deletes a file, so you will want to turn on "success" as well as "failure".
After this, go to the folder (or drive) you want to audit and select properties. On the Security tab, hit the advanced button and select the auditing tab from the resulting window. From here add the groups or specific users you want to receive auditing information for in the logs.
<a href="http://support.microsoft.com/kb/325898">Here </a>is a Microsoft article that discusses the same thing in much more detail, essentially you will want to read these two sections:
How to define or modify auditing policy settings for an event category
How to apply or modify auditing policy settings for a local file or folder</ul>
Last Wiki Answer Submitted: February 22, 2008 4:13 am by Denny Cherry64,520 pts.