The way the service field in Hubble flows has been implemented so far is that it only works if the destination IP is the service ClusterIP. This makes the following lines from hubble observe --help misleading:

      --from-service filter     Show all flows originating in the given service ([namespace/]<svc-name>). If namespace is not provided, 'default' is used
      --service filter          Show all flows related to the given service ([namespace/]<svc-name>). If namespace is not provided, 'default' is used
      --to-service filter       Show all flows terminating in the given service ([namespace/]<svc-name>). If namespace is not provided, 'default' is used

Per @gandro the ideal fix would be to extend it to do a lookup on the IP to see if the destination/source is a service backend IP and populate the fields accordingly. It likely needs some plumbing in cilium-agent first however, to have a backendIP -> service metadata index.

In the shorter term it would be good to update the help for these items eg.

Shows flows where the destination IP address matches the ClusterIP address of the given service ([namespace/]<svc-name>)