More relevant information is generally helpful. There have been
attempts at silencing these, but they're usually low volume enough
that it isn't a huge deal.
> Related to this, I noticed that the alert level is 2, it appears that the
> only place to set alert levels is in ossec.conf on the server or 'local' (it
> is configured on the server as the default:
> <email_alert_level>7</email_alert_level>).
>
> I seem to remember seeing somewhere that a local install was one where the
> server managed only itself but can't find that reference now, is that
> correct?
>
This is correct. It's a standalone system.
> The other option is to configure the system as hybrid, if that would allow
> the notification to be suppressed (and the implications of the change
> weren't too great), I would be glad to configure it that way if someone
> could point me to instructions on how to do so.
>
Hybrid installs are for OSSEC servers that report to upstream OSSEC
server. It is essentially a server to agents, as well as an agent to a
server (passing the alerts from its agents upstream).
> Thanks for the help, my learning curve at this point is pretty steep.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
ossec-list+...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.