A keyword policy with a compound detection rule, Keyword+Protocol Monitoring for HTTP/HTTPS, does not generate incidents.
Refer to Configuring Server Logging Behavior (broadcom.com) for more information.