tear down ossec from gprd environment

rationale: in its current state, it adds a lot of stress yet noone seem to look into its results. it also requires package rebuild and redistribution (https://gitlab.com/gitlab-com/infrastructure/issues/3471), so I propose we tear it down from gprd environment, and iterate on including it later according to production readiness requirements, with the aspects like system load and log rotation addressed before its installed everywhere.

/cc @gl-infra