query on count

zgrep 'XYZ|AB|MASTER' AAAA.log.20180904.gz | grep '|[1-9][0-9][0-9][0-9][0-9]|0000' | wc -l

can you please advise what is the meaning of above zgrep command

where i can find, practice and learn above kind of commands

how grep and egrep are different

how to learn regular expressions used in queries

Please advise
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

zgrep has the same behavior as grep with z representing that it is searching within a compressed archive.

First it looks for a combination of patterns with | representing a logical or

I would suggest to understand, it is best to see what the output of the zgrep.
zgrep 'XYZ|AB|MASTER' AAAA.log.20180904.gz | head -10
The above will show you the first 10 lines of data.

Then try
zgrep 'XYZ|AB|MASTER' AAAA.log.20180904.gz | grep '|[1-9][0-9][0-9][0-9][0-9]|0000' | head -50

The pattern in second [1-9] means a litteral match to a number from 1 to 9
When staggered as in this example it looks for abcde that can be from 10000-99999 or 0000
It looks for matches of an earlier scan, that includes a number in that range or 0000
It then counts the number of occurances.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rahul ShendeJr. Linux System AdministratorCommented:
gudii9Author Commented:
grep '|[1-9][0-9][0-9][0-9][0-9]|0000' | wc -l

does it find transactions taking more than 20 seconds?

how to make to find transactions taking more than 30 seconds

how to make to find transactions taking more than 50 seconds

how to make query to nd transactions taking more than 60 seconds between 11:43 to 22:15 on 09/05/2018
please advise
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

gudii9Author Commented:
how awk different from regular expression?
the above is looking for a pattern of numbers,
you have to post the line that is returned to determine what it means.

AWK is a text processor it can use a regular expression,

awk -F ' (check condition) { print } ' filename

post a line from the log
(though you currently use a compressed archive as the starting point.)

then ask your question based on the information

regualr expressions are a way to search for patterns rather than specific words..

awk is command similar to cut while regular expression is implemented in many different environments
i.e. [0-9] means search for a number between 0 and 9

there are many resources. I find it best to learn when I need something done.

versus learning in the abstract.
gudii9Author Commented:
the above is looking for a pattern of numbers,
you have to post the line that is returned to determine what it means.

it reurned

which means number of transactions 142 taking more than 30 seconds
gudii9Author Commented:
any good video tutorials around these topics to understand deeply and better?
the output of wc -l return a line number count.

To address your question on regular expression one needs to see the input which are the actual lines
i.e. the output of zgrep
then the output of the earlier line passed though  grep.

based on these sets of data we can answer whether the end count which in the snapshot is 142 means that there were 142 instances that took longer than 20 seconds, it might appear so, but it might not be the basis on which the current basis of information.


these are no uniformly implemented in terms of if you use perl the reg ex might deviate slightly. tcl/tk
sql, etc.

I've seen complex variation where you can span multiple lines or get data through the query spannning multiple lines...

use what you have
run the first command and see the output.
run the first passing

Explore the data you have as I suggested so that you can see what the zgrep command does and its results.
Then run the first passing the data to the grep secodary command and then see what it shows.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.