Back to Commands

zegrep

file managementLinux/Unix

The zegrep command is one of the most frequently used commands in Linux/Unix-like operating systems. zegrep Search compressed files for extended regular expressions

See Examples View Syntax

Quick Reference

Command Name:

zegrep

Category:

file management

Platform:

Linux/Unix

Basic Usage:

zegrep [options] [arguments]

Common Use Cases

Syntax

zegrep [options] pattern [file...]

Options

The zegrep command accepts the same options as the regular egrep command, since it's a wrapper around egrep for compressed files:

Option	Description
`-A NUM`	Print NUM lines of trailing context after matching lines
`-B NUM`	Print NUM lines of leading context before matching lines
`-C NUM`	Print NUM lines of output context
`-c`	Print only a count of matching lines per file
`-E`	Use extended regular expressions (implied by zegrep)
`-e PATTERN`	Use PATTERN as the pattern (useful when pattern starts with -)
`-i`	Ignore case distinctions
`-l`	Print only names of files with matches
`-n`	Print line number with output lines
`-o`	Show only the part of a line matching the pattern
`-v`	Select non-matching lines
`-w`	Match only whole words
`--color`	Use markers to highlight the matching strings

Supported File Formats

The zegrep command can handle compressed file formats:

Extension	Format
`.gz`	gzip compressed files
`.Z`	compress (LZW) compressed files (on some systems)

Examples

How to Use These Examples

The examples below show common ways to use the zegrep command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.

# Basic Examples Basic

# Search for a pattern in a compressed file zegrep "error|warning" logfile.gz

# Search for a pattern in multiple compressed files zegrep "^[0-9]+" file1.gz file2.gz

# Advanced Examples Advanced

# Search for lines that start with "user" followed by any number zegrep "^user[0-9]+" users.log.gz

# Search for email addresses in a compressed file zegrep "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}" data.gz

# Search with case insensitivity zegrep -i "failed|error" system.log.gz # Show only the matching part of lines zegrep -o "IP: [0-9.]+" access.log.gz # Count the number of lines that match the pattern zegrep -c "(GET|POST) /api" webserver.log.gz # Show line numbers with matches zegrep -n "exception" application.log.gz

Try It Yourself

Practice makes perfect! The best way to learn is by trying these examples on your own system with real files.

Understanding Syntax

Pay attention to the syntax coloring: commands, options, and file paths are highlighted differently.

Notes

The `zegrep` command is a specialized utility that allows users to search for patterns using extended regular expressions within compressed files without having to explicitly decompress them first. It combines the functionality of `egrep` (or `grep -E`) with the ability to work directly on compressed files. **Purpose and Functionality:** 1. **Transparent Decompression**: `zegrep` automatically handles the decompression process, allowing users to search compressed files as if they were uncompressed. 2. **Extended Regular Expressions**: Unlike basic `grep`, `zegrep` uses extended regular expression syntax by default, providing more powerful pattern matching capabilities. 3. **Multiple File Support**: The command can search through multiple compressed files in a single operation, reporting matches with filenames. 4. **Format Support**: It primarily works with gzip-compressed files (`.gz` extension), but depending on the implementation, may also support other compression formats. **Extended Regular Expression Features:** The primary advantage of `zegrep` over basic `zgrep` is its support for extended regular expressions, which include: 1. **Alternation**: Using the `|` operator to match either of multiple patterns (e.g., `error|warning`). 2. **Grouping**: Using parentheses `()` to group parts of patterns together. 3. **Quantifiers**: More flexible repetition operators like `+` (one or more), `?` (zero or one), and `{n,m}` (between n and m occurrences). 4. **Character Classes**: Support for predefined character classes and custom character sets. **Implementation Details:** 1. **How It Works**: `zegrep` is typically implemented as a shell script that: - Decompresses the input files on-the-fly using tools like `gzip -dc` - Pipes the decompressed content to `egrep` (or `grep -E`) - Handles appropriate passing of command-line options 2. **Relation to Other Commands**: `zegrep` is part of a family of z-prefixed commands for working with compressed files: - `zgrep`: Basic grep for compressed files - `zfgrep`: Fixed-string grep (fgrep) for compressed files - `zcat`: Display contents of compressed files - `zdiff`: Compare compressed files **Common Use Cases:** 1. **Log Analysis**: System administrators frequently use `zegrep` to search through compressed log files for error patterns, IP addresses, or specific events. 2. **Data Mining**: When working with compressed datasets, `zegrep` allows for quick extraction of specific patterns or records. 3. **Code Searching**: Developers may use `zegrep` to search through compressed source code archives or backups. 4. **Configuration Auditing**: Searching through compressed configuration backups for specific settings or patterns. **Benefits Over Manual Methods:** 1. **Convenience**: Eliminates the need to manually decompress files before searching and then clean up afterward. 2. **Disk Space Efficiency**: Avoids the need for additional disk space to store decompressed versions of files. 3. **Workflow Integration**: Easily integrates into scripts and command pipelines for automated log analysis and data processing. **Practical Tips:** 1. **Case-Insensitive Searching**: Use the `-i` option for case-insensitive matching: ``` zegrep -i "error|exception" application.log.gz ``` 2. **Contextual Output**: Display lines before and after matches to see context: ``` zegrep -A 2 -B 2 "database failure" system.log.gz ``` 3. **Count Occurrences**: Count occurrences of patterns rather than displaying the actual matches: ``` zegrep -c "login failed" auth.log.gz ``` 4. **Multiple Pattern Matching**: Use alternation to match multiple patterns: ``` zegrep "GET|POST|PUT|DELETE" access.log.gz ``` **Historical Context:** The `zegrep` command, like other z-prefixed commands, emerged as part of the suite of utilities designed to work with compressed files as compression became more widely used to save disk space in Unix/Linux systems. The name follows the Unix naming convention where the prefix indicates the compression format (z for gzip) and the base name indicates the operation (egrep for extended regular expression grep). In summary, `zegrep` is a powerful utility that combines the pattern-matching capabilities of extended regular expressions with the ability to work directly on compressed files, making it an invaluable tool for system administrators, developers, and data analysts working with compressed textual data.

Related Commands

These commands are frequently used alongside zegrep or serve similar purposes:

Explore All Commands

Use Cases

Learn By Doing

The best way to learn Linux commands is by practicing. Try out these examples in your terminal to build muscle memory and understand how the zegrep command works in different scenarios.

See Examples Try Lab Exercises

$ zegrep

View All Commands