Description of problem:
The new rule 'Date and time jumps in logs managed by rsyslogd when imjournal.state is not configured' is triggered what looks to me 'random' set of 80 servers out of ~400.
And in the end we are not using the imjournal configuration item at all.
Please review the rule why on a subset of consistent configured servers are matching and why it can it is triggered although the keyword imjournal is not used.
Looking in rules.json i also find only /etc/rsyslog.conf is checked, but the /etc/rsyslog.d/*.conf files are not checked. We emptied the rsyslog.conf and only use /etc/rsyslog.d/*.conf files for the configuration