Non-Compliant DNS and Non-Compliant HTTP IPS protections may be triggered by a Benign application (Non Malicious Application) implemented not according to protocols' standards.
When such an application resides in a network, non-compliant DNS / HTTP IPS protections may be triggered by each connection coming from/to this application, and as a result may flood logs.
In order to avoid the flood, the logs are aggregated and are sent to the Security Management server once every 10 hours.