Missing logs of DeletedFiles

Hello,

I was testing the incident for the "Unusual volume of file deletions" alert in my environment. I tried it by deleting 1700 text files, and the alert was generated successfully. The problem is that when I try to check which files were deleted, using the CloudAppEvents table (ActionType: FileDeleted) from both the hunting tab in Microsoft Security Center and the Sentinel logs, not all deleted files are listed as events (approximately just 150 events appear from a total of 1000 deleted files).

0 Replies