Inappropriate deletion of files from your SharePoint site performed either by outsiders or internal users can lead to data loss. Therefore, it’s critical to identify the name of the account that was used, and investigate whether an internal user deleted the file, or whether the user account was taken over by a hacker or malware. With that information, you can respond appropriately — for instance, by limiting the user’s access to sensitive data stored on SharePoint, or stopping malware activity in a timely manner.
Netwrix Auditor for SharePoint delivers complete visibility by providing valuable information on all read access events and changes, including who deleted files, across your entire SharePoint environment. IT administrators can use the Interactive Search feature to quickly generate an easy-to-read custom report on particular changes and save it for later use. They can also review the predefined All SharePoint Activity report, and receive a notification via email every time a file is deleted by using the subscription option with a predefined report.