How To Read And Work On Gzip Compressed Log Files In Linux

Brief: This short tutorial shows you how to read those gzipped compressed log files on a Linux box.

On It’s FOSS I mostly discuss about desktop Linux. It’s because I use desktop Linux at home and mostly tinker with it. While at work, I (have to) use Windows 7 and connect to Linux machines via Putty. If you work in an enterprise sector as software engineer, you might be familiar with this kind of set up.

While working on the remote Linux boxes, I use command line extensively. Over the years, I have learned a few tips, tricks and best practices on Linux command line, on my own and from my colleagues alike.

And I have decided to share the same Linux command line tips with you on It’s FOSS. After all, It’s FOSS came into existence for the sole purpose of sharing Linux experience.

In this article, we shall see how can you read and work on gzipped files.

How to read Gzip compressed files in Linux command line

How To Read Gzipped Compressed Log Files In Linux

If you work on backend logs, you might have noticed that they are mostly compressed with .gz extension. This is not unusual because compressing the log files saves a lot of storage and thus saves the storage cost.

But unlike the regular text files where you can use cat to see all the content of the file or use grep command on it or use less to read the content without flooding your screen, compressed files cannot be used with the same regular Linux commands.

Don’t worry, because when you have gzipped files, you also have the powerful Z commands to work on them.

These Z commands provide a ‘Z’ equivalent of the regular file manipulation commands.

So, you get:

  • zcat for cat to view compressed file
  • zgrep for grep to search inside the compressed file
  • zless for less, zmore for more, to view the file in pages
  • zdiff for diff to see the difference between two compressed files

Best thing about using these Z commands is that you don’t have to extract the compressed files. It works directly on the compressed files.

Viewing compressed files with zcat

If you use cat, you can replace it with zcat. zcat is used in exactly the same manner as you use cat. For example:

zcat logfile.gz

This will display all the contents of logfile.gz without even extracting it. Actually, it does kind of extract it temporarily in /tmp but that’s not the same as an actual extraction, is it?

You can use regular less and more commands with zcat to see the output in pages:

zcat logfile.gz | less
zcat logfile.gz | more

If you don’t know if the file is compressed or not (i.e. files without .gz extension), you can use zcat with option -f. This will display the content of the file irrespective of whether it is gzipped or not.

zcat -f logfile.gz

Reading compressed files with zless and zmore

Same as less and more, you can use zless and zmore to read the content of the compressed files without decompressing the files. All the keyboard shortcuts of less and more works the same.

zless logfile.gz
zmore logfile.gz

Searching inside compressed files with zgrep

Grep is hell of a powerful command and I think one of the most used Linux commands. zgrep is the Z counterpart of grep that allows you to search inside gzipped compressed files without extracting it.

You can use it with all the regular grep options. For example:

zgrep -i keyword_search logfile.gz

Comparing compressed files with zdiff

While this might not be that useful on huge log files, you can use zdiff to see the difference between compressed files, in the same way as you use diff command.

zdiff logfile1.gz logfile2.gz

Speaking of diff, you may want to look at Meld GUI diff tool.

More tricks?

These are some of the commands that I use to work on compressed log files in Linux command line. What about you? You got some tricks up your sleeves regarding compressed files that you may want to share with us?

Similar Posts

  • gunzip -c will also unzip the file in memory and write the output to stdout. This can then be piped into other commands, for example

    gunzip -c abc.log.gz | more


    gunzip -c abc.log.gz | grep xyz

    Just an alternative way of achieving the same results

    • Yes, I’ve been using

      gunzip -c stuff.tar.gz | tar tvf – | less

      to see what’s in a .tar.gz (before replacing the ‘t’ with an ‘x’ to extract) since, like, 1990. The various “zxxxx” commands do look interesting, though.

  • Minor error:
    “You can use it with all the regular gerp options. For example:”
    “You can use it with all the regular grep options. For example:”