Those dashboards are keyed of of an eventtype. Modifying that eventtype is the easiest approach.
Either add the index to it through the GUI, or create a file at /opt/splunk/etc/apps/ossec/local/eventtypes.conf with the following:
[ossec]
search = index=ossec (sourcetype=ossec* NOT sourcetype=ossec_agent_control)
(This is the same as the default setting, but adding the index explicitly - modify as needed).
Alternately, you can go into Access Controls and add the ossec index to the user role as one of the indexes that gets searched by default.
Or, you can modify the dashboard XML files themselves to point them at the right index explicitly. Untested, but something like this would do it:
cd /opt/splunk/etc/apps/ossec/
mkdir -p local/data/ui/views
cp default/data/ui/views local/data/ui/views
cd local/data/ui/views
for i in *.xml; do sed -i.bak "s/eventtype=ossec/index=ossec eventtype=ossec
/opt/splunk/bin/splunk restart