With an Intrusion Detection policy deployed to a Solaris agent, when a watched file is accessed or modified, the User Name is not in the Event Details.
At this time Real Time File Integrity Monitoring (RT-FIM) is not supported on Solaris.
The IDS Filewatch module on Solaris is functioning as designed.