What do you exactly have configured on your LEM?
Keep in mind, that your LEM is a veerryyy busy little bee, multitasking to the max in the background.
For every single Event that you have arriving into LEM, the LEM itself is going through:
checks which connector is configured to normalize or 'translate' the information to a readable format for you on the web console.
Then:
goes through Every Single filter you have enabled under monitoring page - to see if the event that's arrived in, matches with the filter conditions, then if it does, it carries out any actions you have for that filter.
WHILE
checking: Every Single Rule that you have enabled - to see if the event matches the conditions, and then carries out all the actions that you have assigned to that rule when it triggers - email, event, etc.
while,
also making sure that the information is saved somewhere, while also checking that it has enough memory to still do what it does best, while
also checking to see if more space needs to be made on the lem. ... etc ...etc... etc... I think you get the picture..
Have you added any new devices to the LEM lately? Or from the existing devices... have you changed any settings anywhere, where the device sending information to lem, is now doubled the amount of information that it is sending? (ex: firewalls, routers, dc's etc).
How did you get it to drop the last time? Did you add more memory?
Make sure your memory allocated = your memory reserved.
Don't forget to run the Database Maintenance report from the LEM Report console, as that gives you a breakdown of exactly what is going on with the LEM in the background.