diff --git a/src/DNS_Mgr.h b/src/DNS_Mgr.h index 96e73779e8..b0b2ff3638 100644 --- a/src/DNS_Mgr.h +++ b/src/DNS_Mgr.h @@ -141,8 +141,6 @@ protected: DNS_MgrMode mode; - PDict services; - HostMap host_mappings; AddrMap addr_mappings; TextMap text_mappings; diff --git a/src/RE.cc b/src/RE.cc index 95d5e1786b..b9706375e3 100644 --- a/src/RE.cc +++ b/src/RE.cc @@ -194,9 +194,13 @@ int Specific_RE_Matcher::CompileSet(const string_list& set, const int_list& idx) return 1; } -const char* Specific_RE_Matcher::LookupDef(const char* def) +string Specific_RE_Matcher::LookupDef(const string& def) { - return defs.Lookup(def); + const auto& iter = defs.find(def); + if ( iter != defs.end() ) + return iter->first; + + return string(); } int Specific_RE_Matcher::MatchAll(const char* s) @@ -412,10 +416,18 @@ unsigned int Specific_RE_Matcher::MemoryAllocation() const for ( int i = 0; i < ccl_list.length(); ++i ) size += ccl_list[i]->MemoryAllocation(); + size += pad_size(sizeof(CCL*) * ccl_dict.size()); + for ( const auto& entry : ccl_dict ) + size += padded_sizeof(std::string) + pad_size(sizeof(std::string::value_type) * entry.first.size()); + + for ( const auto& entry : defs ) + { + size += padded_sizeof(std::string) + pad_size(sizeof(std::string::value_type) * entry.first.size()); + size += padded_sizeof(std::string) + pad_size(sizeof(std::string::value_type) * entry.second.size()); + } + return size + padded_sizeof(*this) + (pattern_text ? pad_size(strlen(pattern_text) + 1) : 0) - + defs.MemoryAllocation() - padded_sizeof(defs) // FIXME: count content - + ccl_dict.MemoryAllocation() - padded_sizeof(ccl_dict) // FIXME: count content + ccl_list.MemoryAllocation() - padded_sizeof(ccl_list) + equiv_class.Size() - padded_sizeof(EquivClass) + (dfa ? dfa->MemoryAllocation() : 0) // this is ref counted; consider the bytes here? diff --git a/src/RE.h b/src/RE.h index 23804cb6aa..8c8baf9fa8 100644 --- a/src/RE.h +++ b/src/RE.h 
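Review bot: In src/RE.cc, `Specific_RE_Matcher::LookupDef` now returns `iter->first`, which is the lookup key (the definition's name), whereas the removed `defs.Lookup(def)` returned the stored value; the line should read `return iter->second;`. As written, the caller in src/re-scan.l appears to get the name back instead of its expansion. The empty string also doubles as the "not found" result, so a definition whose text is empty cannot be told apart from an undefined one. A short comment on the function stating that contract would help, e.g. `// Returns the definition text, or an empty string if def is unknown.`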
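Review bot: In `Specific_RE_Matcher::MemoryAllocation` in src/RE.cc, the expression `padded_sizeof(std::string) + pad_size(sizeof(std::string::value_type) * entry.first.size())` is written out three times across the two new loops (once with `entry.second`). A small local lambda taking a `const std::string&` would keep the three uses in step. The result is an estimate: it counts string objects and character data but not the per-node overhead of the two maps, and it charges character storage even where the library may hold a short string inline. A one-line comment saying so would replace what the removed `FIXME: count content` remarks used to signal. The function begins outside the hunk.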
@@ -59,15 +59,22 @@ public: // The following is vestigial from flex's use of "{name}" definitions. // It's here because at some point we may want to support such // functionality. - const char* LookupDef(const char* def); + std::string LookupDef(const std::string& def); - void InsertCCL(const char* txt, CCL* ccl) { ccl_dict.Insert(txt, ccl); } + void InsertCCL(const char* txt, CCL* ccl) { ccl_dict[string(txt)] = ccl; } int InsertCCL(CCL* ccl) { ccl_list.push_back(ccl); return ccl_list.length() - 1; } - CCL* LookupCCL(const char* txt) { return ccl_dict.Lookup(txt); } + CCL* LookupCCL(const char* txt) + { + const auto& iter = ccl_dict.find(string(txt)); + if ( iter != ccl_dict.end() ) + return iter->second; + + return nullptr; + } CCL* LookupCCL(int index) { return ccl_list[index]; } CCL* AnyCCL(); @@ -119,8 +126,8 @@ protected: int multiline; char* pattern_text; - PDict defs; - PDict ccl_dict; + std::map defs; + std::map ccl_dict; PList ccl_list; EquivClass equiv_class; int* ecs; diff --git a/src/Rule.h b/src/Rule.h index cd08d4d93e..8bf53c783c 100644 --- a/src/Rule.h +++ b/src/Rule.h @@ -2,6 +2,7 @@ #define rule_h #include +#include #include "Obj.h" #include "List.h" @@ -15,7 +16,7 @@ class RuleHdrTest; class Rule; typedef PList rule_list; -typedef PDict rule_dict; +typedef std::map rule_dict; class Rule { public: diff --git a/src/RuleMatcher.cc b/src/RuleMatcher.cc index 90fb13495c..29da1eec60 100644 --- a/src/RuleMatcher.cc +++ b/src/RuleMatcher.cc @@ -267,14 +267,14 @@ bool RuleMatcher::ReadFiles(const name_list& files) void RuleMatcher::AddRule(Rule* rule) { - if ( rules_by_id.Lookup(rule->ID()) ) + if ( rules_by_id.find(rule->ID()) != rules_by_id.end() ) { rules_error("rule defined twice"); return; } rules.push_back(rule); - rules_by_id.Insert(rule->ID(), rule); + rules_by_id[rule->ID()] = rule; } void RuleMatcher::BuildRulesTree() 
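Review bot: In src/RE.h the new `InsertCCL(const char*, CCL*)` and `LookupCCL(const char*)` bodies spell the key as unqualified `string(txt)`, while the `LookupDef` declaration just above uses `std::string`. In a header the unqualified name only compiles if a using-declaration is already in effect, so `std::string(txt)` is the safer spelling. Both functions also construct a `std::string` from `txt` with no null check, which is undefined behaviour if a caller ever passes a null pointer; the precondition is worth a comment such as `// txt must be a non-null, NUL-terminated string`. `ccl_dict[string(txt)] = ccl;` silently replaces an existing entry for the same text, and whether the displaced `CCL*` is owned elsewhere is not visible here.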
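Review bot: `RuleMatcher::AddRule` in src/RuleMatcher.cc now searches `rules_by_id` twice for every new rule, once in `find` and again in `operator[]`. A single `auto res = rules_by_id.emplace(rule->ID(), rule);` followed by `if ( ! res.second )` for the "rule defined twice" branch does the same work with one lookup, and the insert can then never overwrite an existing entry. `rules.push_back(rule)` would move after that check. On the duplicate path the function returns without storing `rule`; whether the caller then releases it is not visible in this hunk.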
@@ -295,15 +295,15 @@ void RuleMatcher::InsertRuleIntoTree(Rule* r, int testnr, // Initiliaze the preconditions for ( const auto& pc : r->preconds ) { - Rule* pc_rule = rules_by_id.Lookup(pc->id); - if ( ! pc_rule ) + auto entry = rules_by_id.find(pc->id); + if ( entry == rules_by_id.end() ) { rules_error(r, "unknown rule referenced"); return; } - pc->rule = pc_rule; - pc_rule->dependents.push_back(r); + pc->rule = entry->second; + entry->second->dependents.push_back(r); } // All tests in tree already? diff --git a/src/file_analysis/Manager.cc b/src/file_analysis/Manager.cc index da6099b1fe..d306af4003 100644 --- a/src/file_analysis/Manager.cc +++ b/src/file_analysis/Manager.cc @@ -24,7 +24,7 @@ string Manager::salt; Manager::Manager() : plugin::ComponentManager("Files", "Tag"), - id_map(), ignored(), current_file_id(), magic_state() + current_file_id(), magic_state(), cumulative_files(0), max_files(0) { } @@ -35,19 +35,8 @@ Manager::~Manager() // Have to assume that too much of Bro has been shutdown by this point // to do anything more than reclaim memory. - - File* f; - bool* b; - - IterCookie* it = id_map.InitForIteration(); - - while ( (f = id_map.NextEntry(it)) ) - delete f; - - it = ignored.InitForIteration(); - - while( (b = ignored.NextEntry(it)) ) - delete b; + for ( const auto& entry : id_map ) + delete entry.second; delete magic_state; } @@ -69,19 +58,11 @@ void Manager::InitMagic() void Manager::Terminate() { vector keys; + for ( const auto& entry : id_map ) + keys.push_back(entry.first); - IterCookie* it = id_map.InitForIteration(); - HashKey* key; - - while ( id_map.NextEntry(key, it) ) - { - keys.push_back(string(static_cast(key->Key()), - key->Size())); - delete key; - } - - for ( size_t i = 0; i < keys.size(); ++i ) - Timeout(keys[i], true); + for ( const string& key : keys ) + Timeout(key, true); mgr.Drain(); } 
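Review bot: `Manager::Terminate` in src/file_analysis/Manager.cc copies every key of `id_map` into `keys` before calling `Timeout`, but nothing in the new code says why. If `Timeout` can remove the file from `id_map` (its body is not shown in this hunk), looping over the map directly would invalidate the loop iterator, so the snapshot is load-bearing. It deserves a comment such as `// Snapshot the IDs first: Timeout() may erase entries from id_map.` A `keys.reserve(id_map.size());` before the first loop would also avoid repeated reallocation.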
@@ -329,7 +310,7 @@ File* Manager::GetFile(const string& file_id, Connection* conn, if ( IsIgnored(file_id) ) return 0; - File* rval = id_map.Lookup(file_id.c_str()); + File* rval = LookupFile(file_id); if ( ! rval ) { @@ -337,7 +318,12 @@ File* Manager::GetFile(const string& file_id, Connection* conn, source_name ? source_name : analyzer_mgr->GetComponentName(tag), conn, tag, is_orig); - id_map.Insert(file_id.c_str(), rval); + id_map[file_id] = rval; + + ++cumulative_files; + if ( id_map.size() > max_files ) + max_files = id_map.size(); + rval->ScheduleInactivityTimer(); // Generate file_new after inserting it into manager's mapping @@ -362,7 +348,11 @@ File* Manager::GetFile(const string& file_id, Connection* conn, File* Manager::LookupFile(const string& file_id) const { - return id_map.Lookup(file_id.c_str()); + const auto& entry = id_map.find(file_id); + if ( entry == id_map.end() ) + return nullptr; + + return entry->second; } void Manager::Timeout(const string& file_id, bool is_terminating) @@ -393,22 +383,21 @@ void Manager::Timeout(const string& file_id, bool is_terminating) bool Manager::IgnoreFile(const string& file_id) { - if ( ! id_map.Lookup(file_id.c_str()) ) + if ( ! LookupFile(file_id) ) return false; DBG_LOG(DBG_FILE_ANALYSIS, "Ignore FileID %s", file_id.c_str()); - delete ignored.Insert(file_id.c_str(), new bool); + ignored.insert(file_id); return true; } bool Manager::RemoveFile(const string& file_id) { - HashKey key(file_id.c_str()); // Can't remove from the dictionary/map right away as invoking EndOfFile // may cause some events to be executed which actually depend on the file // still being in the dictionary/map. - File* f = static_cast(id_map.Lookup(&key)); + File* f = LookupFile(file_id); if ( ! f ) return false; 
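Review bot: `Manager::LookupFile` in src/file_analysis/Manager.cc stores the result of `id_map.find(file_id)` in `const auto& entry`, which binds a reference to a temporary iterator. It works through lifetime extension but reads as if `entry` referred to an element of the map. `auto entry = id_map.find(file_id);` says what is meant and matches `InsertRuleIntoTree` in src/RuleMatcher.cc, which already uses `auto entry`. The same `const auto& iter` form appears in `LookupDef` in src/RE.cc and in `LookupCCL(const char*)` in src/RE.h.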
@@ -417,14 +406,15 @@ bool Manager::RemoveFile(const string& file_id) f->EndOfFile(); delete f; - id_map.Remove(&key); - delete static_cast(ignored.Remove(&key)); + id_map.erase(file_id); + + ignored.erase(file_id); return true; } bool Manager::IsIgnored(const string& file_id) { - return ignored.Lookup(file_id.c_str()) != 0; + return ignored.find(file_id) != ignored.end(); } string Manager::GetFileID(analyzer::Tag tag, Connection* c, bool is_orig) diff --git a/src/file_analysis/Manager.h b/src/file_analysis/Manager.h index 67f84134ec..31eaf94ca0 100644 --- a/src/file_analysis/Manager.h +++ b/src/file_analysis/Manager.h @@ -5,6 +5,7 @@ #include #include +#include #include "Dict.h" #include "Net.h" @@ -325,20 +326,17 @@ public: std::string DetectMIME(const u_char* data, uint64 len) const; uint64 CurrentFiles() - { return id_map.Length(); } + { return id_map.size(); } uint64 MaxFiles() - { return id_map.MaxLength(); } + { return max_files; } uint64 CumulativeFiles() - { return id_map.NumCumulativeInserts(); } + { return cumulative_files; } protected: friend class FileTimer; - typedef PDict IDSet; - typedef PDict IDMap; - /** * Create a new file to be analyzed or retrieve an existing one. * @param file_id the file identifier/hash. @@ -407,8 +405,8 @@ private: TagSet* LookupMIMEType(const string& mtype, bool add_if_not_found); - PDict id_map; /**< Map file ID to file_analysis::File records. */ - PDict ignored; /**< Ignored files. Will be finally removed on EOF. */ + std::map id_map; /**< Map file ID to file_analysis::File records. */ + std::unordered_set ignored; /**< Ignored files. Will be finally removed on EOF. */ string current_file_id; /**< Hash of what get_file_handle event sets. */ RuleFileMagicState* magic_state; /**< File magic signature match state. */ MIMEMap mime_types;/**< Mapping of MIME types to analyzers. */ 
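Review bot: In the tail of `Manager::RemoveFile` (src/file_analysis/Manager.cc), `delete f;` runs while `id_map` still maps `file_id` to `f`, so the map briefly holds a dangling pointer. Erasing first, i.e. `id_map.erase(file_id); ignored.erase(file_id); delete f;` after `f->EndOfFile()`, keeps the map free of freed pointers even if `File`'s destructor were ever to reach back into the manager; whether it does is not visible here. This keeps the constraint stated in the previous hunk's comment, since the entry is still present while `EndOfFile` runs. The function begins in that previous hunk.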
@@ -416,6 +414,9 @@ private: static TableVal* disabled; /**< Table of disabled analyzers. */ static TableType* tag_set_type; /**< Type for set[tag]. */ static string salt; /**< A salt added to file handles before hashing. */ + + size_t cumulative_files; + size_t max_files; }; /** diff --git a/src/input/Manager.cc b/src/input/Manager.cc index 46a1da1aa1..4b275c6b9b 100644 --- a/src/input/Manager.cc +++ b/src/input/Manager.cc @@ -153,31 +153,31 @@ Manager::EventStream::EventStream() Manager::EventStream::~EventStream() { - if ( fields ) - Unref(fields); + if ( fields ) + Unref(fields); } Manager::TableStream::~TableStream() { - if ( tab ) - Unref(tab); + if ( tab ) + Unref(tab); - if ( itype ) - Unref(itype); + if ( itype ) + Unref(itype); if ( rtype ) // can be 0 for sets Unref(rtype); - if ( currDict != 0 ) + if ( currDict != 0 ) { currDict->Clear(); - delete currDict; + delete currDict; } - if ( lastDict != 0 ) + if ( lastDict != 0 ) { lastDict->Clear();; - delete lastDict; + delete lastDict; } } diff --git a/src/re-scan.l b/src/re-scan.l index 292f7a2e02..99dde0ca6c 100644 --- a/src/re-scan.l +++ b/src/re-scan.l @@ -85,14 +85,14 @@ CCL_EXPR ("[:"[[:alpha:]]+":]") char* nmstr = copy_string(yytext+1); nmstr[yyleng - 2] = '\0'; // chop trailing brace - const char* namedef = rem->LookupDef(nmstr); + std::string namedef = rem->LookupDef(nmstr); delete nmstr; - if ( ! namedef ) + if ( namedef.empty() ) synerr("undefined definition"); else { // push back name surrounded by ()'s - int len = strlen(namedef); + int len = namedef.size(); if ( namedef[0] == '^' || (len > 0 && namedef[len - 1] == '$') )
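Review bot: The two counters added at the end of `Manager` in src/file_analysis/Manager.h, `cumulative_files` and `max_files`, have no trailing description, unlike the neighbouring members shown in this file. Suggested: `size_t cumulative_files; /**< Number of files ever inserted into id_map. */` and `size_t max_files; /**< Largest size id_map has reached. */`, which matches how `GetFile` updates them in src/file_analysis/Manager.cc. The accessors `CumulativeFiles()` and `MaxFiles()` return `uint64` while the members are `size_t`; the conversion is harmless but the two types could be unified.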
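Review bot: In src/re-scan.l the temporary `nmstr` is no longer needed now that `LookupDef` takes a `std::string`: `std::string namedef = rem->LookupDef(std::string(yytext + 1, yyleng - 2));` yields the same name without the `copy_string` allocation. That also removes the context line `delete nmstr;`, which uses scalar `delete` on what is presumably an array allocated by `copy_string` (its definition is not on this page). `int len = namedef.size();` narrows `size_t` to `int`, and the `len > 0` test that follows can no longer be false once `namedef.empty()` has been ruled out. The rule's action continues past the end of the hunk.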