Some predefined incidents do not have sufficient information

Hello, 

I have noticed that some of the predefined incident, the ones from different Defender products, sometimes are missing crucial information about the incident. 

For example this alert from Defender for Identity

Which computers are affected is nice, but I would like to know what the "1 service" is. This information is not shown in azure sentinel, but if I check out the alert from the defender page this information is available. How do i get that information forwarded to Sentinel correctly?