The current rate limiter, audit_set_rate_limit limits all types of events. In our case, we want to limit auditd events with a specific key, as they are very noisy and consume very high CPU. 

From my understanding, this support is currently missing in AuditD.

Is my understanding correct?

--