Hello,
Are you using LOG alert rules in Azure Monitor (not Sentinel rules) - just checking?
For 3/4 you need to setup the Defender XDR connector in Microsoft Sentinel, look in Content Hub, for that Solution.
Then when you check the [Data Connectors] blade in Sentinel, you will see all sources (that you have/licenced) displayed, inc. the two Tables you mention (bottom of this list)