In the device control section of the policy, you can add mice and keyboard to the exclusion list.
https://www-secure.symantec.com/connect/forums/application-and-device-control-policy-e-mail-alert
To setup email alerts, go to Monitors <> Notifications <> Notification Conditions and Add a Client Security Alert. Select Device Control and edit anythign else you need. In the policy make sure "Log detected devices" is checked
Also, just so you know, SEP 11.x is end of support life and content updates have stopped. You should move to 12.1 as soon as possible:
https://www-secure.symantec.com/connect/forums/symantec-endpoint-protection-110x-eosl