diff --git a/doc/broids/index.rst b/doc/broids/index.rst index dd0a0e8b22..1d5f63ec7f 100644 --- a/doc/broids/index.rst +++ b/doc/broids/index.rst @@ -1,8 +1,3 @@ -__ http://www.bro.org/sphinx-git/scripts/base/protocols/ftp/main.bro.html#id-FTP::parse_ftp_reply_code -__ http://www.bro.org/sphinx-git/frameworks/sumstats.html -__ http://www.bro.org/sphinx-git/frameworks/notice.html -__ http://www.bro.org/sphinx-git/_downloads/detect-bruteforcing.bro -__ http://www.bro.org/sphinx-git/scripts/policy/frameworks/files/detect-MHR.bro.html .. _bro-ids: @@ -34,7 +29,8 @@ We start by defining a threshold for the number of attempts and a monitoring int const bruteforce_measurement_interval = 15mins &redef; } -Now, using the ftp_reply event, we check for error codes from the `500 series `_ for the "USER" and "PASS" commands, representing rejected usernames or passwords. For this, we can use the `FTP::parse_ftp_reply`__ function to break down the reply code and check if the first digit is a "5" or not. If true, we then use the `SumStats`__ framework to keep track of the number of failed attempts. +Now, using the ftp_reply event, we check for error codes from the `500 series `_ for the "USER" and "PASS" commands, representing rejected usernames or passwords. For this, we can use the :bro:see:`FTP::parse_ftp_reply_code` function to break down the reply code and check if the first digit is a "5" or not. If true, we then use the +:ref:`Summary Statistics Framework ` to keep track of the number of failed attempts. .. code:: bro 
@@ -73,7 +69,7 @@ exceeds the specified threshold during the measuring interval. }]); } -Printing a message on the console is a good start but it will be better if we raise an alarm instead using the `Notice`__ framework. For this, we need to define a new Notice type and trigger the alarm under the right +Printing a message on the console is a good start but it will be better if we raise an alarm instead using the :ref:`Notice Framework `. For this, we need to define a new Notice type and trigger the alarm under the right conditions. Below is the final code for our script. .. code:: bro @@ -139,7 +135,7 @@ conditions. Below is the final code for our script. } } -As a final note, the `detect-bruteforcing.bro`__ script above is include with Bro out of the box, so you only need to load it at startup to instruct Bro to detect and notify of FTP bruteforce attacks. +As a final note, the :doc:`detect-bruteforcing.bro ` script above is include with Bro out of the box, so you only need to load it at startup to instruct Bro to detect and notify of FTP bruteforce attacks. ------------- Other Attacks @@ -150,6 +146,6 @@ Checking files against known malware hashes ------------------------------------------- Files transmitted on your network could either be completely harmless or contain viruses and other threats. One possible action against this threat is to compute the hashes of the files and compare them against a list of known malware hashes. Bro simplifies this task -by offering a `detect-MHR.bro`__ script that creates and compares +by offering a :doc:`detect-MHR.bro ` script that creates and compares hashes against the `Malware Hash Registry `_ maintained by Team Cymru. You only need to load this script along with your other scripts at startup time. diff --git a/doc/frameworks/file-analysis.rst b/doc/frameworks/file-analysis.rst index 50fb89317c..e70b124af7 100644 --- a/doc/frameworks/file-analysis.rst +++ b/doc/frameworks/file-analysis.rst 
@@ -1,3 +1,6 @@ + +.. _file-analysis-framework: + ============= File Analysis ============= diff --git a/doc/frameworks/notice.rst b/doc/frameworks/notice.rst index fe94d7f2ca..2c20149ce5 100644 --- a/doc/frameworks/notice.rst +++ b/doc/frameworks/notice.rst @@ -1,4 +1,6 @@ +.. _notice-framework: + Notice Framework ================ diff --git a/doc/frameworks/sumstats.rst b/doc/frameworks/sumstats.rst index 6ab2f43b35..aaed35be29 100644 --- a/doc/frameworks/sumstats.rst +++ b/doc/frameworks/sumstats.rst @@ -1,3 +1,6 @@ + +.. _sumstats-framework: + ================== Summary Statistics ================== diff --git a/doc/httpmonitor/index.rst b/doc/httpmonitor/index.rst index 41f9dd955c..9b640c63ec 100644 --- a/doc/httpmonitor/index.rst +++ b/doc/httpmonitor/index.rst @@ -1,5 +1,3 @@ -__ http://www.bro.org/sphinx-git/scripts/base/protocols/http/main.bro.html -__ http://www.bro.org/sphinx-git/frameworks/file-analysis.html .. _http-monitor: @@ -43,7 +41,8 @@ point, we would like to stress out the fact that there is no just one right way depend on the expertise of the person doing the analysis and the specific details of the task to accomplish. For more information about how to handle the HTTP protocol in Bro, including a complete list -of the fields available in http.log, go to Bro's HTTP reference `page`__. +of the fields available in http.log, go to Bro's +:doc:`HTTP script reference `. ------------------------ Detecting a Proxy Server 
@@ -219,8 +218,9 @@ Inspecting Files Files are often transmitted on regular HTTP conversations between a client and a server. Most of the time these files are harmless, just images and some other multimedia content, but there are also types of files, specially executable files, that can damage -your system. We can instruct Bro to create a copy of all executable files that it sees for later analysis using the `File Analysis -Framework`__ (introduced with Bro 2.2) as shown in the following script. +your system. We can instruct Bro to create a copy of all executable files that it sees for later analysis using the +:ref:`File Analysis Framework ` +(introduced with Bro 2.2) as shown in the following script. .. code:: bro diff --git a/doc/index.rst b/doc/index.rst index 98006034c2..3da35e7b7a 100644 --- a/doc/index.rst +++ b/doc/index.rst @@ -44,8 +44,6 @@ Reference Section .. -* `Notice Index `_ (TODO: Move to reference - section, but can't figure out how to include it into toctree) * :ref:`General Index ` * :ref:`search` diff --git a/doc/logs/index.rst b/doc/logs/index.rst index a6844d6e03..b71546db72 100644 --- a/doc/logs/index.rst +++ b/doc/logs/index.rst 
@@ -1,19 +1,9 @@ -__ http://www.bro.org/sphinx-git/scripts/base/protocols/http/main.bro.html#type-HTTP::Info -__ http://www.bro.org/sphinx-git/scripts/base/protocols/ftp/info.bro.html#type-FTP::Info -__ http://www.bro.org/sphinx-git/scripts/base/protocols/ssl/main.bro.html#type-SSL::Info -__ http://www.bro.org/sphinx-git/scripts/policy/protocols/ssl/known-certs.bro.html#type-Known::CertsInfo -__ http://www.bro.org/sphinx-git/scripts/base/protocols/smtp/main.bro.html#type-SMTP::Info -__ http://www.bro.org/sphinx-git/scripts/base/protocols/dns/main.bro.html#type-DNS::Info -__ http://www.bro.org/sphinx-git/scripts/base/protocols/conn/main.bro.html#type-Conn::Info -__ http://www.bro.org/sphinx-git/scripts/base/frameworks/dpd/main.bro.html#type-DPD::Info -__ http://www.bro.org/sphinx-git/scripts/base/frameworks/files/main.bro.html#type-Files::Info -__ http://www.bro.org/sphinx-git/scripts/base/frameworks/notice/weird.bro.html#type-Weird::Info -.. _using-bro: +.. _bro-logging: -========= -Using Bro -========= +=========== +Bro Logging +=========== .. contents:: diff --git a/doc/mimestats/index.rst b/doc/mimestats/index.rst index 903131acd5..88499a5d6e 100644 --- a/doc/mimestats/index.rst +++ b/doc/mimestats/index.rst @@ -1,4 +1,3 @@ -__ http://www.bro.org/sphinx-git/frameworks/sumstats.html .. _mime-stats: 
@@ -12,17 +11,17 @@ non-text attachments on email, it is also used by Web browser to identify the ty In this tutorial, we will show how to use the Sumstats Framework to collect some statistics information based on MIME types, specifically the total number of occurrences, size in bytes, and number of unique hosts transmitting files over HTTP per each type. For instructions about extracting and creating a local copy -of these files, visit `this <../httpmonitor/index.html#inspecting-files>`_ tutorial instead. +of these files, visit :ref:`this ` tutorial instead. ------------------------------------------------ MIME Statistics with Sumstats ------------------------------------------------ -When working with the `Sumstats`__ framework, you need to define three different pieces: (i) Observations, where +When working with the :ref:`Summary Statistics Framework `, you need to define three different pieces: (i) Observations, where the event is observed and fed into the framework. (ii) Reducers, where observations are collected and measured. (iii) Sumstats, where the main functionality is implemented. So, we start by defining our observation along with a record to store all statistics values and an observation interval. We are conducting our observation on -the `HTTP::log_http` event and we are interested in the MIME type, size of the file ("response_body_len") and the originator host ("orig_h"). We use the MIME +the :bro:see:`HTTP::log_http` event and we are interested in the MIME type, size of the file ("response_body_len") and the originator host ("orig_h"). We use the MIME type as our key and create observers for the other two values. .. code:: bro
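Review bot: the rewritten line in doc/broids/index.rst (the `detect-bruteforcing.bro` hunk) carries over a grammatical error from the original: "the :doc:`detect-bruteforcing.bro ` script above is include with Bro out of the box" should read "is included with Bro out of the box". Since the line is being replaced anyway, fix the wording in this change rather than leaving it for a follow-up.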
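Review bot: in doc/frameworks/file-analysis.rst (and likewise in doc/frameworks/sumstats.rst) the new label is inserted together with an extra empty line above it, so both files now begin with a blank line, whereas doc/frameworks/notice.rst adds `.. _notice-framework:` directly at line 1. Drop the leading blank line in file-analysis.rst and sumstats.rst so the three framework pages use the same layout; the blank line after the label, which reST requires before the section title, is the one that matters and is already present in all three.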
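Review bot: removing the `Notice Index` bullet from doc/index.rst deletes the only visible link to that index instead of resolving the TODO, which asked for it to be moved into the reference section. Before merging, confirm the notice index is still reachable from another page (for example from the Notice Framework document that now carries the `notice-framework` label) or keep the bullet until a toctree entry for it exists.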
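Review bot: the doc/logs/index.rst hunk renames the label `using-bro` to `bro-logging` and removes ten anonymous `__` targets (HTTP::Info, FTP::Info, SSL::Info, Known::CertsInfo, SMTP::Info, DNS::Info, Conn::Info, DPD::Info, Files::Info, Weird::Info), but no corresponding body changes to that file appear in this diff. Any remaining `:ref:` to `using-bro` elsewhere in the tree will now produce an undefined-label warning, and any anonymous references (`` `...`__ ``) still in the body will trigger docutils' "Anonymous hyperlink mismatch" error now that the targets are gone. Grep the doc tree for `using-bro` and this file for trailing `__` references, and convert them to `:bro:see:` or `:doc:` roles as was done in doc/broids/index.rst.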
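Review bot: in doc/mimestats/index.rst the converted cross-reference keeps "this" as its link text ("visit :ref:`this ` tutorial instead"), which says nothing about where the link goes. Now that it is a `:ref:` role, either omit the explicit text so Sphinx substitutes the target section's title, or spell out the destination (for example "see the Inspecting Files section of the HTTP monitoring tutorial") so the link is meaningful when read out of context.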