I periodically need to look for a given string in one or more compressed log files. Taking the time (and resources) to decompress each file on the file system takes time, especially when I don’t plan to leave the file uncompressed. When these situations arise, I turn to my good friends gzcat and zgrep.
The zgrep utility allows you to look for a pattern in one or more compressed files. If you want to find the string “target port down” in a set of logs named sanlogs*.gz, you can do the following:
$ zgrep "target port down" sanlogs.gz
If zgrep finds the string, it will print it. Alternatively, you can use the gzcat utility to decompress the contents of a file prior to sending it to another tool for processing:
$ gzcat services.gz | tail -2
# 48557-49150 Unassigned
# 49151 IANA Reserved
Both tools are incredibly useful, and should be in every SysAdmins tool bag.