I'm trying to alert when files are deleted in a folder. I turned on auditing for deletes and I see event id 4663 in the security log. I'm using SCOM 2012 to comb the event log.
What I need to know is what is the parameters values for this alert.
Specifically, what parameter value is the "DELETE" value.
Access Request Information: