Drop or ignore events from windows

[giorgiosld]

Hi, I’m pretty newbie using wazuh, and I’m trying to configure it to avoid collecting certain user-generated events, represented by an external service that works in the background, and that daily performs many requests on the various corporate endpoints. Wazuh sees these and saves them as logs, so I followed this #459 guide where you were going to ignore the generated events, and the dashboard actually doesn’t show them anymore. The problem is that I activated the notification by email, and daily the emails arrive saying that the queue of wazuh, installed in a certain agent is full. I did a check and on the dashboard these requests are not shown but from the time of the email notification I realized that it is this service. I would like to know if there is a way to actually ignore these logs directly from the agent or the only solution is to set the anti-flooding mechanism.
The rule I’m using is this

<group name="win_evt_channel,windows,">
   <rule id="100002" level="0">
      <if_sid>92657</if_sid>
      <field name="win.eventdata.targetUserName">^wrk-lansw</field>
      <description>Ignore for lansweeper logon</description>
      <options>no_full_log</options>
      <group>pci_dss_10.2.5,gpg13_7.1,gpg13_7.2,gdpr_IV_32.2,authentication_success,</group>
   </rule>
</group>

Thank you in advance for your help.