This looks like Audit Process Tracking - Success is enabled on your system. You can turn that off in the Windows Audit policy and they won't get generated at all (in the event log or coming to LEM).
Within LEM, you can filter that alert from ever appearing across all systems, or you can filter it out but still collect/store/correlate it. (Or, track down what's up with SearchProtocolHost.exe opening and closing so frequently) Right now, there's no filter you can apply to the connector to disable certain patterns from collecting, but that's an interesting idea.
Thanks for responding. I am new to LEM and getting to grips with its features. I am curious if it is possible to filter out these events through the appliance policy, like the kb article instructs for Windows noise events in this link? http://knowledgebase.solarwinds.com/kb/questions/2834/__fav This policy wouldbe applied to the appliance, vs the individual node though, so if my suggestion is possible, it is limited in the scope of filtering these events from one specific node.
In my example, the workstation did have a problem with the windows search indexing service, hence the repeated process start/stop events, which did identify the workstation had an issue previously unseen, so there is merit in receiving all events. Also the Group Policy is set to enforce process audit events to the security log, so the logging of these events cannot be turned off at Operating System level for this individual workstation.