The Office 365 Securlet has been activated, but some users are still missing from the CloudSOC user list. However, we can see events in Investigate for these users, but the CloudSOC user section shows as not available.
There are a couple of reasons why CloudSOC did not automatically create the user:
The Office 365 Securlet will still scan the activities and perform the content inspection for users with different OneDrive.Owner Principal Names and Mail attributes; however, if the CloudSOC admin target a policy for these users, the admin can manually add these users to CloudSOC.