App Usage Statistics (UsageStats)
Location
/data/system/usagestats/0/ (XML files organized by daily/weekly/monthly/yearly)Description
XML-based usage statistics collected by the Android UsageStatsManager service, recording application usage events including foreground activity changes, configuration changes, and interactive state transitions. Data is organized into daily, weekly, monthly, and yearly rollup files, each containing package names with first and last timestamps and total time in foreground.
Forensic Value
UsageStats provides a comprehensive timeline of which applications were actively used and for how long, even when individual app databases have been cleared. The event log entries record precise timestamps for app foreground/background transitions, enabling reconstruction of the exact sequence of app usage throughout each day. This artifact is particularly valuable for establishing that a messaging app, camera, or other application was actively in use at a specific time. The data persists through app uninstallation and is maintained by the system service rather than individual apps.