The volume of alerts within that timeframe isn't too exceptional, but still bears review.

The first one is a little bit more high level than the second.  The PROTOCOL-DNS alert was first discovered a few years back, and is tagged as CVE-2015-7547.  Not specifically a major threat, but there was a known vulnerability found a few years ago that affected quite a number of Cisco devices.  More information on that can be found here: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20160218-glibc.html.

The second, INDICATOR-COMPROMISE, depends a little more if you happen to have a PCAP of traffic from that device.  It could be nothing, could be indicator of something else, but if you can pull a full packet capture on it, that should give you a little more info of where it lies. In the meanwhile doesn't hurt to isolate that Android client until you get a closer look at it.

Sidenote, but the above could depend on the tier you have your IDS/IPS settings at.  Balanced is typically my SOP on deployment, I've found Security to trigger a number of false positives. 

Depending on any other issues on the network and how long its been since the last review, I always suggest to people to get a security audit completed, either through a VAR or a smaller firm.