This looks like Audit Process Tracking - Success is enabled on your system. You can turn that off in the Windows Audit policy and they won't get generated at all (in the event log or coming to LEM).
Within LEM, you can filter that alert from ever appearing across all systems, or you can filter it out but still collect/store/correlate it. (Or, track down what's up with SearchProtocolHost.exe opening and closing so frequently) Right now, there's no filter you can apply to the connector to disable certain patterns from collecting, but that's an interesting idea.
