Domain specific language best practices

Tobby P

New Member
Joined
May 11, 2018
Messages
2
Reaction score
1
Credits
0
I’m discussing usage of DSL (domain specific language) in security tools with my colleagues. We haven't been able to reach an agreement over naming conventions.

There are many tools using DSL: splunk, sumologic, elasticsearch and etc. But what are the best practices?

So for example how would you name each component of the following strings:

$ sudo readlink -f /bin/ls -n

I'd really appreciate if you guys could help me out.

You can answer here or fill out this simple Google form (few minutes) – https://docs.google.com/forms/d/e/1F...rm?usp=sf_link

Thanks.
 


I’m discussing usage of DSL (domain specific language) in security tools with my colleagues. We haven't been able to reach an agreement over naming conventions.

There are many tools using DSL: splunk, sumologic, elasticsearch and etc. But what are the best practices?

So for example how would you name each component of the following strings:

$ sudo readlink -f /bin/ls -n

I'd really appreciate if you guys could help me out.

You can answer here or fill out this simple Google form (few minutes) – https://docs.google.com/forms/d/e/1F...rm?usp=sf_link

Thanks.

I took a look through the examples in your google form and all of my answers were pretty much the same for each... So I figured I'd post here to try and get clarification on what you are looking for.

In the form, you had a selection of typical Unix type commands, like your 'sudo readlink ....' example.

Considering how I would name the components of the string:
"sudo readlink -f /bin/ls -n":

I suppose "sudo" would be a "privilege escalator"? I don't know if that's a term anybody else uses, but it kind of describes what it does - it allows an authorized user to be able to run a program/command as a more privileged user (root).

As for "readlink" - that would be a "command", or a "program"
"-f" and "-n" are "switches", or "options" and "/bin/ls" would be the "target", "main input" or "object of interest". IDK!

"-f", "-n" and "bin/ls" are also all "parameters" to the command/progam.

Is that the kind of thing you are after?

If so - then to me, all of your examples are pretty much the same - they consist of commands, parameters and inputs/targets/objects of interest.
And without going through the whole form, I'd guess you might have one or two commands with "outputs" specified too - either files, or directories, or devices to write results to. I don't know if you did anything involving pipes or redirection either.


If that's not what you were after, were you expecting words that describe the effect of each atomic part of the command strings?
e.g.
"sudo" run as root
"readlink" print resolved symbolic links or file-names
"-f" Canonicalize recursvely - all but the last component must exist
"/usr/ls" The file or symbolic link to canonicalize
"-n" no trailing newline in output


As for best practices - I'm a bit lost there!
I'm not sure there is a "best practice" for naming the atomic components of a Unix/Linux command string. I don't think most people would really think about it. It's certainly not something I'd spend any time worrying about.

But if I am describing how to perform a task in the terminal, I'll talk in terms of commands/programs and parameters, inputs, outputs and pipes/redirection etc.

Out of curiosity - what is this for?
What are you going to do once you have analysed the various terms people have used in their responses? Is there going to be some practical use for it?
 
Is that the kind of thing you are after?

Yes, exactly like this. 'readlink' - command, program, binary and etc. '-f' argument, parameter, flag and etc.

I'd appreciate if you could fill out the Google form (second part as well). I have examples of DSL queries there.

Out of curiosity - what is this for?

Two things:
1. Share results with community.
2. Improve usage of DSL inside of a tool I'm working on now.


Thanks for your reply!
 

Staff online

Members online


Top