[Bro] LDAP Analyzer

[det2702]

Greetings,

I am successfully running BRO 0.90 in a test environment.  Now I would 
like to write (and contribute to the BRO project) an LDAP analyzer.  I 
have a customer that wants to monitor and protect their LDAP 
repository.  What I am proposing is installing BRO specifically tuned 
and configured for LDAP analysis.

Obviously, I'm new to BRO.  I looked through the documentation and was 
not able to find anything on extending BRO's collection of analyzers.  
I'm especially interested on how to define event_handlers for custom 
policy scripts that leverage the LDAP analyzer.  Can anybody vector me 
in the right direction?

Thanks,

Randy