On my primary file server (Windows 2008 R2), I've enabled auditing on all file systems, from the root down, using "Everyone" with success/failure for deleted objects. This screenshot is one of the drives showing the auditing I've enabled:
When I look at the Windows Event Logs, I indeed see when people are deleting files. Adding this file server to Eventlog Analyzer, when I run the canned Compliance (FISMA, HIPAA, etc.) reports, there are reports for deleted objects, but when I run these reports against the server in question, it does not appear to be grabbing all the information I wish to see:
I've blurred out some of the usernames, the server name and the domain name. What I'd like to see in the 5th column is complete details as you can see in rows 8, 9 and 10. Those are files on the home and work drives, the same drive as I showed a screenshot of the auditing configuration, above. It only appears to be generating reports from the C: drive.
There is another eventid that appears to be associated with the actual details, eventid 4663. I can manually create a report for this eventid which will detail the particular filenames being deleted, but it looks nowhere near as nice as this canned report.
Is there anything I can do, or is there something I am missing?
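
A manual report of the kind described above for event ID 4663, as an added example that is not part of the original post: it reads 4663 events from the Security log and keeps those where the DELETE access right (0x10000) was used on a file. The 7-day window and the variable names are assumptions; the field names are those of the 4663 event data.

```powershell
# Added example (not from the original post). Run elevated on the file server.
# Assumption: a 7-day reporting window; adjust $since as needed.
$since  = (Get-Date).AddDays(-7)
$DELETE = 0x10000   # DELETE access right as recorded in the 4663 AccessMask field

$report = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4663; StartTime = $since } `
                       -ErrorAction SilentlyContinue |   # suppresses the "no events found" error
    ForEach-Object {
        $evt = $_

        # Flatten the <EventData><Data Name="..."> elements into a hashtable
        $fields = @{}
        ([xml]$evt.ToXml()).Event.EventData.Data |
            ForEach-Object { $fields[$_.Name] = $_.'#text' }

        # AccessMask is a hex string such as "0x10000"; test the DELETE bit
        $mask = [Convert]::ToInt32($fields['AccessMask'], 16)

        if (($mask -band $DELETE) -and ($fields['ObjectType'] -eq 'File')) {
            New-Object PSObject -Property @{
                TimeCreated = $evt.TimeCreated
                User        = '{0}\{1}' -f $fields['SubjectDomainName'], $fields['SubjectUserName']
                ObjectName  = $fields['ObjectName']
                ProcessName = $fields['ProcessName']
                HandleId    = $fields['HandleId']
            }
        }
    }

# One row per delete access, on every audited drive, oldest first
$report |
    Sort-Object TimeCreated |
    Select-Object TimeCreated, User, ObjectName, ProcessName, HandleId |
    Format-Table -AutoSize
```

Renames and moves also exercise the DELETE access right, so a 4663 row alone does not prove the file was removed; event 4660 carrying the same Handle ID confirms the deletion.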