From a support forum: "These are events associated with SPPSVC service startup and shutdown. The service is designed to shut down when nobody is using it. An application may call SL API, which will cause the service to wake up.
Here is some additional information that may help to investigate anomalies in SPPSVC wakeup-shutdown pattern (notice that starting up because some other app calls SL API is not an anomaly ):
First of all, before the service shuts down, it updates a Windows Task Scheduler task under Microsoft/Windows/SoftwareProtectionPlatform. This task is scheduled to wake up SPPSVC approximately <renewal interval> minutes after a successful SPPSVC renewal (typically seven days later). You may want to look at this entry to verify that the next wake up time is consistent with your KMS renewal interval. Pay attention to the “Next Run Time” and “Last Run Time” fields. (This task schedule entry is hidden, so you need to enable viewing hidden tasks from the View menu in the Task Scheduler).
Secondly, another potential reason for SPPSVC to keep waking up is another service: SPPUINOTIFY. This normally (when the system is in the licensed state) should run during KMS renewal and should shut itself down after the renewal has succeeded.
If both of the above are right (that is the task scheduler task is scheduled outside of 2 hours and sppuinotify service is stopped), then there can be only an external reason for SPPSVC to wake up."