Hey guys, not sure should I post it here or in 'What is on Your Mind?'
I'm discussing usage of DSL (domain specific language) in security tools with my colleagues. We haven't been able to reach an agreement over naming conventions.
There are many tools using DSL: splunk, sumologic, elasticsearch and etc. But what are the best practices?
So for example how would you name each component of the following strings:
$ sudo readlink -f /bin/ls -n
$ ps aux
$ cat -a foobar.txt
I'd really appreciate if you guys could help me out.
:wall: You can answer here. Or I have a Google form, which I'd like you to fill out. But I'm not allowed to post URL's yet 
Thanks.
So you have log management system, and you wonder how will you name logs that arrive at that central system ?
Stuff you posted are commands doing what a human or script instructed them on the box monitored.
Some of them read plain files, others inspect processes or follow links.
More or less standard stuff a user or administrator would do on a system, if allowed by permissions (files/directory permissions, ability to connect to machine etc.)
I'm not sure what kind of best practice advice you require.
Can you specify to more detail perhaps ?
And welcome to the forums 
Regards
Peasant.
1 Like
Thanks 
Almost 
I'm developing a visibility tool and I'm planning to use DSL in similar way splunk and sumologic do. Although, not as complex.
So I need to know how to refer to "sudo", "ls", "echo" or etc. Mainly what is the most common way to call different parts of a string user typed.
I'm not interested in what command can do, but how do you name them.
---------- Post updated at 09:54 AM ---------- Previous update was at 09:52 AM ----------
Maybe this will help � Domain specific language questionnaire
I put everything inside Google form (doesn't collect emails or personal info).