Worth raising a support ticket; it seems improbable that this is expected behaviour.
The only other suggestion I'd have is to force a rollout of policy to your Correlation Engine. It sounds like your rule has been deleted from the policy on your ESM, but the rule logic is still running on the CE. Forcing a rollout of the updated policy should take care of the issue.
Deleting a rule in the Policy Editor does not delete events associated with that rule. It only rips out the name matching and leaves the data in the database. Take for instance if someone deleted a rule for Windows logon using explicit credentials, it would delete all authentication data on your ESM for Windows events for a Windows logon using explicit credentials. This way, the data is still in the database, still searchable, however the signature description of the rule is now gone due to having been deleted. If you do not wish to see the 0 associated with the name, you can select the events and delete the events.
Also, if new events are still triggering, perform a policy rollout. The rules are initially stored in the ESM, then pushed to receivers during the rollout. If the receivers have not had the rules rolled out to them, then they still have a copy of a rule where the name does not exist in the ESM now.
Hopefully that helps.
Thanks for this clarification. It seems it was old events which continue to appear. Once deleted, the rule didn't pop up again in my dashboards.