Description
Hi everyone,
I recently implemented Wazuh in our company, with approximately 180 active agents, including both Mac and Windows devices. The agents were enrolled via Intune Azure Active Directory.
I'm encountering an overwhelming alert: "Agent event queue is flooded. Check the agent configuration." It appears that most of these alerts are related to application and system errors.
It's worth noting that all the agents triggering these alerts are Windows-based; no Mac agents have reported any similar issues.
I've reviewed the documentation regarding increasing the EPS (Events Per Second). Is there a way to adjust the EPS specifically for Windows agents from the Wazuh server and then push these updates to the agents?
Alternatively, would it be possible to disable application logs and Windows health-check logs? Any suggestions would be appreciated.
Thank you for your assistance.