KirstensAmazing

## gist:79b8d4355f1b8cdf8d38
/macroicon "Raise"
/ac Swiftcast <me>
/wait 0.5
/ac Raise <t>
/p Swift Raise <se.9> (Just used it) on <t> 60 Seconds until another.

## LogGelf
filter {
## This will pull out unnecessary and repeated celery information about it starting jobs. This goes first so that it doesn't get mutated later.
  grep {
    type => "celeryd"
    match => ["@message", "^([D|d]ebug|DEBUG|[N|n]otice|NOTICE|[I|i]nfo|INFO|[W|w]arn?(?:ing)?|WARN?(?:ING)?|[E|e]rr?(?:or)?|ERR?(?:OR)?|[C|c]rit?(?:ical)?|CRIT?(?:ICAL)?) [0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2},[0-9]{3} .*?$"]
    negate => true
  }
## This will capture the message in the format time: severity/process message .  This is capturing the data and tagging it so that it can be exported to our GELF format later
  grok {
    match => ["@message", "\[%{DATESTAMP:timestamp}: %{DATA:severity}/%{DATA:process}\] %{DATA:message}$"]
	/macroicon "Raise"
	/ac Swiftcast <me>
	/wait 0.5
	/ac Raise <t>
	/p Swift Raise <se.9> (Just used it) on <t> 60 Seconds until another.
	filter {
	## This will pull out unnecessary and repeated celery information about it starting jobs. This goes first so that it doesn't get mutated later.
	grep {
	type => "celeryd"
	match => ["@message", "^([D\|d]ebug\|DEBUG\|[N\|n]otice\|NOTICE\|[I\|i]nfo\|INFO\|[W\|w]arn?(?:ing)?\|WARN?(?:ING)?\|[E\|e]rr?(?:or)?\|ERR?(?:OR)?\|[C\|c]rit?(?:ical)?\|CRIT?(?:ICAL)?) [0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2},[0-9]{3} .*?$"]
	negate => true
	}
	## This will capture the message in the format time: severity/process message . This is capturing the data and tagging it so that it can be exported to our GELF format later
	grok {
	match => ["@message", "\[%{DATESTAMP:timestamp}: %{DATA:severity}/%{DATA:process}\] %{DATA:message}$"]