NewBroDataFactory creates a new BroData based on the stringwhich appears in that log's objType field.

ADDR is a type used to represent an IP address.

ANY is used to bypass strong typing in bro script.

BOOL reflects true or false, designated 'T' or 'F'.

COUNT is a numeric representation of a UINT_64 represented as either a string of digits or a hex number.

DOUBLE is a numeric type representing a double-precision float.

ENUM is a type allowing the specification of a set of related values that have no further structure.

ENUM_SET is a SET which contains ENUMs.

EVENT represents an event handler in bro script.

A file object which can be written to, but not read from (which is a limitation of bro script and has nothing to do with brosync).

FUNCTION represents a function type in bro script.

HOOK represents a bro script object best described as as the an intersection of a function and an event.

INT is a numeric type representing an INT_64 represetned by a string of digits preceded by either a '+' or a '-'.

INTERVAL is a temporal type representing relative time.

INTERVAL_VECTOR is a VECTOR which contains INTERVALs.

OPAQUE represents data whos type is intentionally hidden, but whose values may be passed to certain bro script builtins.

PATTERN is a type used to represent regular expressions.

PORT is a type used to represent transport-level port numbers these are typically represented as a number followed by one of /udp, /tcp, /icmp, or /unkown.

STRING is a type used to hold character string values.

STRING_SET is a SET which contains STRINGs.

STRING_VECTOR is a VECTOR which contains STRINGs.

SUBNET is a type used to represent a subnet in CIDR notation.

TIME is a temporal type representing an absolute time.

DNS provides a data structure for entries in the bro DNS log.

HTTP provides a data structure for entries in bro's HTTP log file.

BroData holds a line of a bro log.