In Firepower connection events, I see there are numerous connections that do not have any user. If I go to connection events and search the IP the user has, the user field shows no data. If I go to active sessions and search the same IP address, it shows the user. How do I go about getting the user to be populated in the connection events? I'm pretty sure this worked in earlier versions of Firepower.
Thanks for that info. Yes I have the realm configured (when downloading it says it downloaded hundreds of users). The ldap user we have is also in the user@domain format as you described in the FMC Directory Username * field.