An emacs major mode for the Bro Scripting Language.

(setq exec-path (append exec-path '("/Users/Mac/Documents/src/bro/build/src/")))
(setenv "PATH" (concat (getenv "PATH") ":/Users/Mac/Documents/src/bro/build/src/"))
(setenv "BROPATH" "/Users/Mac/Documents/src/bro/build/src:/Users/Mac/Documents/src/bro/scripts:/Users/Mac/Documents/src/bro/scripts/policy:/Users/Mac/Documents/src/bro/scripts/site")
(add-to-list 'load-path "~/emacs.d/site-lisp/bro-mode/")
(setq bro-event-bif "~/Documents/src/bro/build/src/base/event.bif.bro")
(setq bro-tracefiles "~/tracefiles")
(require 'bro-mode)

1. Indentation
2. Keyword, builtin, and operator highlighting
3. bro-event-lookup function Quick lookup of builtin functions. Place the point over a built in bro function (i.e. http_header ) and M-x bro-event-lookup will open a temporary buffer with the documentation with bro-mode highlighting for that function.
4. bro-event-query function Quick keyword lookup of builtin functions. M-x bro-event-query and provide a query. A new buffer will be created with the results.
5. bro-run Requires that PATH and BROPATH be set correctly. I run out of the build directory and use the following in my init file.

   (setq exec-path (append exec-path '("/Users/Mac/Documents/src/bro/build/src/")))
   (setenv "PATH" (concat (getenv "PATH") ":/Users/Mac/Documents/src/bro/build/src/"))
   (setenv "BROPATH" "/Users/Mac/Documents/src/bro/build/src:/Users/Mac/Documents/src/bro/scripts:/Users/Mac/Documents/src/bro/scripts/policy:/Users/Mac/Documents/src/bro/scripts/site")
       

   It also requires that bro-tracefiles be set to the directory with your tracefiles.

   (setq bro-tracefiles "~/tracefiles")      
       

   Once it’s properly set up, M-x bro-run will send the entire buffer as code to bro asking for the tracefile you want to use and the signature file you want use.

6. bro-run-region Same as bro-run but with the region instead of the entire buffer.

bro-indent-line needs considerable clean up.