Edit the local security policy and enable the auditing for the server. You’ll want to audit the file access successes and failures.
This will quickly fill your security log on the server, so you will have to configure the server to increase the size of the security log file.
There is no way to audit the files which have already been deleted. All you can do is restore the files.