Bro HTTPS analyzer

Generally, you do not “process” https traffic with Bro. Either you break it out, or you just look peripherally at the traffic (things like certificate information, conn tracking). If you truly want to do full inspection of https, you need an ssl proxy or breakout solution. Once it is broken out, there is nothing you need to do. Bro reads it exactly the same as any other http traffic.