A keyword policy with a compound detection rule, Keyword+Protocol Monitoring for HTTP/HTTPS, does not generate incidents.
Refer to the Symantec Data Loss Prevention Administration Guide, Configuring server logging behavior section for more information.