JS,
Did you modify the connector to point to the correct log facility?
In the Sourcefire connector, you should see /var/log/auth.log in the configuration if you set it up the same way as below(Image from the Cisco page you posted above)
Another thing to check is that you are receiving logs in the auth.log folder.
Open a SSH session(cmc login) or VMWare console to the LEM.
Type appliance and then checklogs.
Type the number to select the auth.log file and see if it contains anything from the sourcefire device.
If your are still running into the issue, feel free to reach out to us in support!
Thanks,
Chris