I checked and the only thing I can find is that every second this messages appear:
2013/11/19 21:12:05 ossec-authd: INFO: New connection from x.y.c.10
2013/11/19 21:12:06 ossec-authd: ERROR: SSL read error (-1)
2013/11/19 21:12:07 ossec-authd: ERROR: SSL Accept error (0)
2013/11/19 21:12:07 ossec-authd: INFO: New connection from x.y.c.11
2013/11/19 21:12:08 ossec-authd: ERROR: SSL read error (-1)
2013/11/19 21:12:08 ossec-authd: ERROR: SSL Accept error (0)
2013/11/19 21:12:08 ossec-authd: ERROR: SSL Accept error (0)
2013/11/19 21:12:08 ossec-authd: INFO: New connection from x.y.c.11
2013/11/19 21:12:08 ossec-authd: INFO: New connection from x.y.c.10
2013/11/19 21:12:09 ossec-remoted(1213): WARN: Message from x.y.c.11 not allowed.
Could this be related?