Battery & Power Usage Log (CurrentPowerlog.PLSQL)
Location
private/var/containers/Shared/SystemGroup/.../Library/BatteryLife/CurrentPowerlog.PLSQLDescription
SQLite database maintained by the batterystats daemon logging detailed power consumption data per application and system component. Records app usage durations, screen-on time, CPU usage per process, network data transfer volumes, GPS usage, audio playback, and camera usage, all timestamped at regular intervals. The database contains multiple tables organized by power consumer type.
Forensic Value
The PowerLog database provides an independent record of application usage with timestamps that corroborates or supplements knowledgeC.db and Biome data. Network data transfer volumes per application can identify apps that transmitted or received unusually large amounts of data, relevant to data exfiltration investigations. GPS usage records per app reveal which applications were actively tracking location. Camera and microphone usage timestamps identify when recording may have occurred. The PowerLog often retains several weeks of historical data and captures app activity metrics that no other single artifact provides in one place.