useful *.bro files repository?

I was looking for ANY feedback on
what others were doing with bro and received NOTHING. So I assume people
are not really using it for any detection, but just as an educational tool
(which is fine!).

Well, LBL and UCB use it 24x7 for detection, quite effectively. I know
some other sites are running it seriously, too.

I continue to play with various polciies. Some combinations crash bro,
some produce config parsing errors, some cause it to die a slow death,
etc.

Rather than just stating these as generalities, please send along specifics
so they can be investigated/fixed. (Feel free to do this privately if
you want.)

Here is what I use now:

Yep, that's what a number of our boxes use, except replace:

@load http

with @load http-reply in order to pick up HTTP requests & replies.

It works, doesn't detect much, some fun FTP attacks and weird RST packets

Do you know if things are indeed being missed?

    Vern