the main purpose is to check/verify your policies are correct without haveing a effekt on the end user / client, having much support calls etc. But remember to turn it of for production.

One further benefit is that in ePO you can go to the observation events (I think should be the screen you posted), select an event > actions and directly create a whitelist entry (based on hash), updater etc and create a policy (or add to an existing policy).

Check the "What's new?" hyperlink present on Policy Discovery UI page on ePO. (Check the upper-right corner). It will take you to a KB descriibg the principal changes done in v6.1.2 for Observation mode and its working.    

Firstly, I think like you said  but as you can see when i turn to observe mode my policy is working but the observe generate the event that not even relate with my policy for example i just creat rule for ie binary but when i try to installed chrome the event was generate. In contrast ,i cannot open ie that mean we cannot observe for policy violation that why i ask for this feature purpose