I have seen various scenarios where unwanted (normal) events are generated by not tuning the polices as mentioned above by both techi_it and Intrusion_Security_Guru. Usually, you only want to send events to that manager that are actionable or questionable.
If you need logs from normal behavior for forensic purposes, then you should look into using Bulk Logging to store the "normal" or "unimportant" events in a highly compressed flat file that is then sent to the server for out-of-database (or offline) storage. Then, if you ever need these events for an investigation later on, you use the bulk-loader tool to bring these events into the database.
One thing to have the team that administers the SCSP console is to ensure that they have not selected "Enable logging of trivial policy violations" (if they are using an IPS policy).
The Trivial Logging feature is handy when you need to debug a policy issue, but I have seen databases get completely filled up with this enabled over a period of days or weeks.