Solution: We had to migrate to use the XML Filtering.
- within the Security Event Log, click "Filter Current Log..." on the right
- Click the XML tab at the top
- Click (X) Edit query manually
- Replace the select line: <Select Path="Security">*</Select>
- With this line (where %username% is the account you want): <Select Path="Security">* [EventData[Data[@Name='TargetUserName']='%username%']]</Select>