This is controlled by the fail-open/fail-close settings in situations where the inspection engine has an issue. It is located in two places, not sure which one is relevant since there isn't enough of your log card shown. You must have "fail-close" set in at least one of these locations:
1) Manage & Settings...Blades...APCL/URLF...Advanced Settings...Fail Mode
2) Manage & Settings...Blades...Threat Prevention...Advanced Settings...Fail Mode
Any kind of DNS error like this dictates checking and diligently testing the DNS servers defined in the Gaia OS of the firewall. If one or more of them are slow or not responding consistently it can cause various performance-related mayhem with the rad daemon and APCL/URLF, among others. Make sure *all* DNS servers defined in the Gaia OS respond quickly, not just the first one in the list which is automatically selected by nslookup.
Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com