This type of file can include various files, and most frequently, they appear as package files, applications, or installers. Unix-based operation system generally uses this format.
#LINUX UNTAR TAR.GZ ZIP#
So, the tar gz file format is a mixture of TAR packaging accompanied by a GNU zip (gzip) compression. Every modern browser can manage a gzip encoded response. GZip ( Gzip is a traditional data compression application formerly written by Jean-loup Gailly for the GNU project). What are tar and gz?įor generally acknowledged tar means “ Tape Archive.”
This type of file is broad used in the open-source world, like the zip format. It’s an important topic to learn because when we talk about Linux, it’s impossible not to notice the number of application packages compresses using tar gz files. Therefore, we need to use single quotes to prevent expanding variable names when starting tar. : 22:18:10 security alert: 10 times failed login from the same IPĪs the test above shows, we have three empty filenames in the output, as the shell variable $TAR_FILENAME doesn’t exist when we start the tar command. : 17:07:14 Security alert: 10 Permission Denied Requests from the same IP. : 22:08:14 security alert: 10 times failed login from the same IP So, for example, if we double-quote COMMAND, the $TAR_FILENAME variable will be expanded by the shell when invoking the tar command: $ tar xzf app_ -to-command="grep -label=$TAR_FILENAME -Hi 'security alert' true" This is because the TAR_* variables are assigned during tar‘s execution and passed to COMMAND. Therefore, we add the true command at the end to make COMMAND always return 0 and suppress those error messages.Īnother point we should note is we’ve wrapped COMMAND with single quotes. This messes up the output, which is definitely not what we want. Tar: Exiting with failure status due to previous errors Logs/app2/user.log: 22:08:14 security alert: 10 times failed login from the same IP $ tar xzf app_ -to-command='grep -label=$TAR_FILENAME -Hi "security alert"'
#LINUX UNTAR TAR.GZ ARCHIVE#
Therefore, zgrep can search the files’ content in a compressed archive, but it cannot tell which file inside the archive hits the match. Here, we use the -O option to ask the tar command to extract files to Stdout instead of disk. Simply put, zgrep uses gzip to decompress the files to Stdout and pipes it to grep to perform the search.īasically, it’s pretty similar to the command: tar xzfO app_ | grep -Hai 'security alert' That means we can read the source to understand how it works. usr/bin/zgrep: POSIX shell script, ASCII text executable Next, to figure out why it happens, we need to understand how zgrep works.įirst, zgrep is just a shell script: $ file $(which zgrep) However, if we take a closer look at the filenames in the output, we only see the tar.gz file’s name instead of the names of the log files in the archive.
Therefore, these three steps may increase the disk IO load dramatically. Also, the files in the archive can be much bigger than our example. However, in the real world, the tarball may contain a significant number of files. Our example has only four small log files. This can be the most straightforward way to achieve the goal. Doing a grep search on the extracted files.
Extracting all files from the tarball to a directory.The first idea that may come up for solving the problem is probably the three-step solution: Logs/app1/user.log: 22:18:10 security alert: 10 times failed login from the same IP Logs/app1/app.log: 17:07:14 Security alert: 10 Permission Denied Requests from the same IP. We expect to see three files in the result with the matched log entries: logs/app2/user.log: 22:08:14 security alert: 10 times failed login from the same IP
Now, let’s say we want to do a case-insensitive search in the app_ tarball to find out which log files contain “ security alert” messages.
0 kommentar(er)
