[Bro] Using bro without traffic capture

[rogeriobastos]

 Hi guys,

 I'm working in a project to develop a Network Security Early Warning 
 System (NS-EWS).
 We need correlate events but we can't capture network traffic because 
 privacy questions.
 I think we can insert events into bro with broccoli and use it to 
 correlate events.
 I would like to know if anyone have made something similar or have some 
 suggestions of how to do this.

-- 

 Rogerio Bastos
 PoP-BA/RNP