跪拜 Guibai
← All articles
Android · Android Studio · Android Jetpack

Tencent's XLog Remains the Only Self-Contained Android Logging Library That Doesn't Lock You Out of Your Own Data

By 李斯维 ·
Read original on juejin.cn ↗ Google Translate ↗ Alt translation

A logging library that encrypts your own data and refuses to give you a key is a liability, not a feature. XLog's standalone decoder means incident response stays under your control — no dependency on a vendor's server, no forced workflow, no lock-in.

Summary

Business-heavy Android apps break in ways that never produce a crash report. A wrong price, a missing discount, a skipped step in a checkout flow — none of these trigger a stack trace, but they all destroy trust. Online logging frameworks exist to capture those silent failures, and the field on Android has narrowed to two real contenders: Tencent's XLog and Meituan's Logan. Both use mmap-backed storage with AES encryption to avoid the I/O bottlenecks that make file-based logging dangerous in production.

Logan is better maintained and ships with a full log-retrieval pipeline, but it encrypts everything by force and provides no standalone decoder. You decrypt logs only through Logan Server, which means adopting Meituan's entire backend workflow just to read a file. XLog, abandoned publicly since 2018, still works. Its AAR compiles, its .so files cover the two ARM ABIs that matter, and a single Python script turns any .xlog binary back into readable text.

Integration requires pulling the AAR from a third-party mirror or storing it locally, adding ProGuard rules the official docs omit, and limiting ndk abiFilters to armeabi-v7a and arm64-v8a. Once initialized with separate cache and log directories, the API mirrors android.util.Log levels and supports async or sync flushing. The trade-off is clear: a stale but self-contained library beats an actively maintained one that holds your data hostage.

Takeaways
XLog writes logs via mmap to avoid the I/O overhead that causes jank and ANRs in production.
Logan encrypts all output and requires its own server-side pipeline to decrypt; no standalone decoder exists.
XLog provides a Python script that converts any .xlog binary into plaintext without external services.
Encryption in XLog is optional — a plaintext mode exists for debugging, while Logan fails to initialize without a key.
XLog's public repository has been unmaintained since 2018, but the AAR still compiles and runs on modern Android.
The AAR only ships armeabi-v7a and arm64-v8a .so files; ndk abiFilters must be restricted accordingly.
Official documentation omits required ProGuard rules; without them, release builds fail to initialize.
XLog uses a global singleton with static methods, so multiple libraries using it can cause configuration conflicts.
The library is not on Maven Central; the only public mirror is a third-party JFrog repository, making local AAR storage the safer choice.
Conclusions

Log encryption without a standalone decoder is a form of vendor lock-in dressed as security — it forces adoption of an entire backend stack just to read a file.

XLog's abandonment is a feature, not a bug: a library frozen in time avoids the churn that breaks integrations, as long as the core mechanism (mmap + zlib) remains stable.

The real cost of Logan isn't technical complexity but organizational dependency — incident response now requires a server to be up, authenticated, and reachable.

Most Android logging libraries are just logcat wrappers; the jump to mmap-based persistence is what separates toy logging from production forensics.

Tencent's pattern of publishing then abandoning open-source projects creates a scavenger economy where developers extract value from orphaned code long after the corporate sponsor has moved on.

ProGuard rules being absent from official docs but required for release builds is a signal that the library was tested internally in a debug-only workflow and never hardened for external distribution.

Concepts & terms
mmap logging
Using memory-mapped files to write logs, where the OS handles paging data between memory and disk. This avoids explicit write syscalls and reduces I/O overhead, preventing UI jank during heavy logging.
AES encryption in logging
Encrypting log data at rest using the Advanced Encryption Standard. XLog makes this optional; Logan enforces it and ties decryption to its own server, meaning you cannot read your own logs without the Logan backend.
ANR (Application Not Responding)
An Android system dialog shown when an app's main thread is blocked for too long (typically 5 seconds). Synchronous disk I/O on the main thread is a common cause.
16K page alignment
Android's move from 4KB to 16KB memory pages. Native libraries (.so files) compiled for 4KB pages may fail to load on 16KB-page devices unless recompiled with proper alignment.
ProGuard / consumerProguardFiles
Android's code shrinking and obfuscation tool. Libraries ship ProGuard rules via consumerProguardFiles so their JNI classes and native methods are not renamed or removed during release builds.
From the discussion

The discussion pivots on a claimed practical obstacle with XLog: its lack of 16KB page alignment, which one commenter calls more troublesome than Logan's server-side decryption dependency. Counterpoints argue the alignment problem is trivial — solvable through a CMake flag, zipalign, recompilation, or a quick AI-assisted fork.

XLog's failure to maintain 16KB alignment is a more serious practical problem than Logan's decryption dependency.
Logan's decryption logic can be extracted from the server side, making its dependency less of a lock-in than the article implies.
16KB alignment in XLog is easily fixed by adding a CMake option, using zipalign, or recompiling.
Forking XLog and repackaging for 16KB alignment is straightforward, especially with AI assistance.
Featured comments
zc_c

Logan's decryption logic can just be copied out from the server side. On the contrary, the real headache with XLog is that it doesn't maintain 16KB alignment and other such issues [sweat]

黄牛

16KB compilation — just add an option in CMake.

李斯维

This can be solved with zipalign or by recompiling.

See top comments, translated →
Source: juejin.cn ↗ Google Translate ↗ Backup ↗