Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager

Re: Flood LEM with Logs


Theoretically something you may run into, but nothing that I've seen (at least no deliberate attacks targeting the LEM).

 

Ultimately there isn't a way for the LEM to limit the logs that it's receiving.  There's no threshold to set or rule to enable to shut down the agent service after so many events, etc.  You could theoretically set some rules up to do this, but I imagine that the event threshold would have to be very high, and possibly affect performance in its own right, otherwise the agent would shut down more often than would be useful (false positives here would stop the agent logging at all).

 

Not sure if it's been requested before, but if you don't see a related feature request you could submit it here via Thwack.

