ISE version engine version=2.4.0.357, installed patches= 6.

I am VERY new to ISE alarms and configurations. I have been at my new company for about a month now and have started to look at our alerting. We often get alarms for "Excessive Failed RADIUS Authentication Attempts" but the information contained in the alert are almost useless other than "something" happened go look. I would like to see more in the body of the emails. 

It would seem things like Network Device Name, Network Device IP, Identity Store, Protocol, User, MAC Address, NAD Port, Identity Group, ISE Server, and Authorization Profile should be available in the alarm notification email but are not populating. I see that besides these fields are blank text boxes, is this only for static text or can we use a variable or something to actually show this information in the email alerts. The item I most want to see is the name of the actual node or at least its MAC address so we can start to find it. The techs spend a lot of time login into ISE and then finding the MAC and searching DHCP for a lease with the same MAC.