Hi, I just wanted to share how I monitor progress and ETA while running bro from a pcap file.
If I have only one pcap I use pipe viewer (the pv command) like this:
pv x.pcap | bro -r -
If I have more than one pcap, e.g. from a big tcpdump run, I merge all of them on the fly using joincap ( https://github.com/assafmo/joincap ) like this:
joincap *.pcap | pv -s $(du -bc *.pcap | awk '/total/{print $1}') | bro -r -
This way pv prints progress and ETA information while bro is running.
Shameless plug - I wrote joincap specifically for these kinds of situations, because mergecap and tcpslice do not handle errors very well.