Can the timestamp and user+process that performed the file delete be tracked?
I have now set up Solaris auditing and have made the following audit_control, audit_class and audit_event entries:
$ grep pf /etc/security/audit_control
flags:pf,fd
$ grep pf /etc/security/audit_event
6:AUE_UNLINK:unlink(2):fd,pf
48:AUE_RMDIR:rmdir(2):fd,pf
286:AUE_UNLINKAT:unlinkat(2):fd,pf
6182:AUE_filesystem_delete:delete filesystem:as,pf
6185:AUE_network_delete:delete network attributes:as,pf
$ grep pf /etc/security/audit_class
0x10000000:pf:rems
$ grep fd /etc/security/audit_class
0x00000020:fd:file delete
It seems to be able to successfully audit and log most file deletes, but there are some file deletes that it fails to capture. A specific example is deletions performed from a Lavastorm app that we are using. Those are not logged.
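One way to sanity-check the preselection above before chasing the missing records: resolve the audit_control flags against audit_class and audit_event and list exactly which events they select. This is an added example, not part of the question; the input is constructed from the entries quoted above (the fm class and AUE_CHMOD line are added only as an unselected control case), so point it at the real files on the host.

```shell
#!/bin/sh
# Added example: resolve audit_control flags against audit_class and
# audit_event to see which events are actually preselected. Inputs are
# constructed from the question's entries plus one unselected event.
set -e

AUDIT_CLASS='0x10000000:pf:rems
0x00000020:fd:file delete
0x00000080:fm:file attribute modify'
AUDIT_EVENT='6:AUE_UNLINK:unlink(2):fd,pf
48:AUE_RMDIR:rmdir(2):fd,pf
286:AUE_UNLINKAT:unlinkat(2):fd,pf
6182:AUE_filesystem_delete:delete filesystem:as,pf
6185:AUE_network_delete:delete network attributes:as,pf
10:AUE_CHMOD:chmod(2):fm'
FLAGS='pf,fd'

# selected_events FLAGS EVENTS -> "id name classes" for each event whose
# class list shares a class with FLAGS. The +/-/^ prefixes that restrict a
# flag to success/failure are stripped so "+pf" selects the same events.
selected_events() {
  printf '%s\n' "$2" | awk -F: -v flags="$1" '
    BEGIN {
      n = split(flags, f, ",")
      for (i = 1; i <= n; i++) { sub(/^[+^-]+/, "", f[i]); sel[f[i]] = 1 }
    }
    /^#/ || NF < 4 { next }
    {
      m = split($4, c, ",")
      for (i = 1; i <= m; i++) if (c[i] in sel) { print $1, $2, $4; next }
    }'
}

# unknown_flags FLAGS CLASSES -> flags with no audit_class definition
# (a misspelt class name silently selects nothing)
unknown_flags() {
  printf '%s\n' "$2" | awk -F: -v flags="$1" '
    NF >= 2 && !/^#/ { known[$2] = 1 }
    END {
      n = split(flags, f, ",")
      for (i = 1; i <= n; i++) {
        sub(/^[+^-]+/, "", f[i]); if (!(f[i] in known)) print f[i]
      }
    }'
}

echo "Events preselected by flags:$FLAGS"
selected_events "$FLAGS" "$AUDIT_EVENT"
bad=$(unknown_flags "$FLAGS" "$AUDIT_CLASS")
[ -z "$bad" ] || echo "WARNING: flags not defined in audit_class: $bad"
```

Note that the system-wide flags in audit_control become a process's preselection mask at login and are inherited by its children, so a long-running service started before the flags were changed keeps its old mask until it is restarted.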