WIP: Instrumentation plugin

Hi all:

Just a brief note that https://github.com/cubic1271/bro-plugin-instrumentation exists as a work in progress, and should now be supported by the current bro master.

It knows four tricks at the moment:

* Per-packet statistics - memory, file I/O, and CPU information either every X seconds or every Y packets. This differs from existing functionality only in the way data is gathered: it uses RDTSC to grab CPU cycles, hooks the malloc family of functions to gather memory data, and also hooks I/O methods to gather information about what is generating input / output in the application.
* Per-function statistics - memory information and aggregate cycle counts for the time spent in each bro function.
* Function call-graphs - output graphviz formatted call graphs that can be rendered via e.g. dot.
* Export of arbitrary data via HTTP - populate arbitrary JSON objects in bro script and serve them directly from an HTTP server embedded in the plugin.

Overhead is pretty high at the moment, and there are things that need to be researched on different platforms (e.g. mechanics of RDTSC, reducing the error associated with the cost of collecting data, etc). I haven't crashed it with the data I've thrown at it as of yet, but I'm sure it's only a matter of time...

It's a work in progress, so feedback / comments / concerns are welcome.

Hope something in there is interesting to someone :)
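An added sketch, not code from the plugin or its author: one way the per-function cycle totals and the Graphviz call graph listed above can be derived from a stream of function enter/exit events stamped with a cycle counter. The `Event` layout, the function names and the cycle values are constructed for illustration.

```cpp
// Added example (not from bro-plugin-instrumentation): fold a trace of function
// enter/exit events into per-function self cycles and a Graphviz call graph.
#include <cstdint>
#include <iostream>
#include <map>
#include <sstream>
#include <string>
#include <vector>

struct Event { bool enter; std::string fn; uint64_t cycles; };  // assumed layout
struct Profile {
    std::map<std::string, uint64_t> self;  // cycles spent in fn, callees excluded
    std::map<std::pair<std::string, std::string>, uint64_t> calls;  // caller -> callee
};

Profile aggregate(const std::vector<Event>& trace) {
    Profile p;
    std::vector<std::string> stack;
    uint64_t last = 0;
    for (const Event& e : trace) {
        // Cycles since the previous event belong to the function on top of the stack.
        if (!stack.empty()) p.self[stack.back()] += e.cycles - last;
        last = e.cycles;
        if (e.enter) {
            if (!stack.empty()) ++p.calls[{stack.back(), e.fn}];
            stack.push_back(e.fn);
        } else if (!stack.empty() && stack.back() == e.fn) {
            stack.pop_back();  // an exit that does not match the top is ignored
        }
    }
    return p;
}

std::string to_dot(const Profile& p) {  // names assumed to need no DOT escaping
    std::ostringstream out;
    out << "digraph calls {\n";
    for (const auto& n : p.self)
        out << "  \"" << n.first << "\" [label=\"" << n.first << "\\n" << n.second << " cycles\"];\n";
    for (const auto& c : p.calls)
        out << "  \"" << c.first.first << "\" -> \"" << c.first.second << "\" [label=\"" << c.second << "\"];\n";
    out << "}\n";
    return out.str();
}

// Constructed sample: main calls parse twice; the first parse calls log once.
std::vector<Event> sample_trace() {
    return {{true, "main", 100}, {true, "parse", 150}, {true, "log", 170}, {false, "log", 200},
            {false, "parse", 260}, {true, "parse", 300}, {false, "parse", 340}, {false, "main", 400}};
}
int main() { std::cout << to_dot(aggregate(sample_trace())); }
```

The printed graph can be rendered with `dot`, and the self-cycle totals sum to the span of the trace, which makes a quick consistency check on any collected data.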


That’s pretty neat. I’ve enjoyed watching the evolution of your approaches over time. :)