First time here at techr, just to reply to this post. I had the same issue with the rules being too sensitive, but after working with the developers (at #ossec on freenode), I got my rules pretty much tunned down to a point where I only get a few e-mails per day with interesting alerts.
I would recommend these two links for more information on how to tune your rules:
- Keyboard Shortcuts:
Keep Up with TechRepublic