Note: the changes below are external to Carbon Black and it is up to the customer to consider if this should be done or not.
- Disable rate limiting by modifying /etc/rsyslog.conf to:
$SystemLogRateLimitInterval 0
$SystemLogRateLimitBurst 1000
- Restart the Rsyslog service
service rsyslog restart