This repository has been archived by the owner on Sep 21, 2023. It is now read-only.
A misbehaving input should not be able to flood the shipper and prevent publishing the events of other inputs #213
Open
Labels: Team:Elastic-Agent (Label for the Agent team)
We will need a way to prevent a misbehaving input from flooding the shipper queue and preventing events from other inputs from being published.
This is a particular concern when the shipper is integrated with the endpoint security input. A user, misbehaving input, or malicious actor should not be able to flood the shipper with log files or other data and prevent or reduce the publishing of security events.
The easiest way to prevent this in the current system is to have the agent provision a separate shipper process for endpoint security, but this will always mean there is an additional queue and output to tune. In the ideal case this would be unnecessary but it is more difficult to achieve.
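The flooding scenario and the separate-queue option described in this issue, modelled as an added Go example that is not code from this repository. The `Queue` type, the input names, and all capacities and rates are constructed assumptions.

```go
package main

import "fmt"

// Queue is a constructed model of a bounded event queue, not the shipper's own type.
type Queue struct {
	limit  int
	events []string // source input of each queued event
}

// Publish rejects the event once limit events are already waiting.
func (q *Queue) Publish(input string) bool {
	if len(q.events) >= q.limit {
		return false
	}
	q.events = append(q.events, input)
	return true
}

// Drain removes up to n events, standing in for one output batch.
func (q *Queue) Drain(n int) {
	if n > len(q.events) {
		n = len(q.events)
	}
	q.events = q.events[n:]
}

// AcceptedSecurityEvents runs 10 ticks: the log input offers 500 events, the endpoint
// input offers one, then each queue drains 50. separate=false shares one queue.
func AcceptedSecurityEvents(separate bool) (accepted int) {
	logs := &Queue{limit: 100}
	endpoint := logs
	if separate {
		endpoint = &Queue{limit: 100} // dedicated queue and output
	}
	for tick := 0; tick < 10; tick++ {
		for i := 0; i < 500; i++ {
			logs.Publish("logs") // flood: most of these are rejected
		}
		if endpoint.Publish("endpoint") {
			accepted++
		}
		logs.Drain(50)
		if separate {
			endpoint.Drain(50)
		}
	}
	return accepted
}

func main() { fmt.Println(AcceptedSecurityEvents(false), AcceptedSecurityEvents(true)) }
```

In this model the shared queue is refilled to its limit by the log input before the endpoint input publishes on every tick, so no security event is ever accepted, while the dedicated queue accepts all ten.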