XPI Inspector

How-to guide
XPI Inspector version: 4.5

1. Deploy XPI Inspector web application on the SAP System by downloading the
xpi_inspector_ear.ear file from SAP Note: 1514898.
If you download the ear file from the web version of the note then the downloaded file will receive
wrong “zip” file extension. In that case change the extension of the file from “zip” to “ear” right after the
download and before the deployment. The name of the deployed web application is: “XPI Inspector App”

2. Open the start page of the application by using the following url address:
http(s)://<host>:<port>/xpi_inspector
Only a user with role “administrator” is allowed to use the application. By default it is password
protected with no check for SAP Logon Ticket.
Always look for a tooltips or help button to get more information about a given feature on the fly.

XPI Inspector’s start page:

You can check what version of the application is already deployed on your system by using menu “About”. It is highly
recommend always using the latest version indicated in the title of this document and available for download from SAP Note:
1514898. SAP will keep this information updated on each new version released. Use the e-mail address from the menu “About”
if you need additional support or use CSS component “BC-XI-CON-AFW”.
XPI Inspector keeps all generated files in SAP System’s global directory of the Central Java Instance under the folder named:
“xpi_inspector”. All files are stored encrypted on the file system and can be read only if the result file is downloaded from XPI
 Inspector application deployed on that system. It is highly recommend always keep this directory clean and delete all obsolete
results by using menu “History”.

For security reason (in order to avoid writing a lot of information in the default trace file) XPI Inspector by default disables
writing the traces in the default trace file during the time it is started. You can switch this off (thus traces will be written in
the default trace as well) by using menu “Options” from the start page. The only way to see the traces during this time is to
use the ZIP file generated by the tool during given inspection. This zip file is stored encrypted on the file system and the only
way to see its content is if you download it by the XPI Inspector deployed on this system.

Usage
Using XPI Inspector application you will be able to collect a lot of information about your
system that will help you to learn about problems in the past, to analyze new and detect such
at an early stage.
To perform an inspection do the following simple steps:
1. Select so called “example”. Each example corresponds to a given area of problems.
Some examples require additional parameters to be specified.
Some examples or additional options are XI related only and will not be visible if your system does not have
usage type: PI.

Available Examples:
Id Name Problem Area XI Additional
related Params
1 CPA Cache XI CPA Cache X -
11 Authentication, SSL & PP Login, WSS, SSL, XI Principal Propagation optional
18 RWB TREX, Alerting, XML DAS, Runtime Workbench X
19 Mapping Runtime XI Mapping Runtime debug tracing X
30 XI Adapter XI Adapter Type debug tracing X X
40 XI Message XI Message Processing debug tracing X X
50 XI Channel XI Channel(s) and their message processing X X
51 Performance Problem Thread Dumps, JVM Profiling, Memory Usage X
52 Authorization & Session Denied access to the system due to insufficient
Management authorization rights
60 JEE Service JEE Service(s) debug tracing X
70 JEE Application JEE Application(s) debug tracing X
80 Default Trace View traces written in the default trace file from the X
past.
100 Custom Custom defined set of log locations and log X
categories for debugging.
2. Select one or more additional options (check boxes) depending on your needs:
Additional Options:
Option Name Usage XI
Related
Collect traces from Messaging Debugging XI Messaging System and check its state X
System
Collect traces from XI Module Debugging XI Modules X
Processor
Collect traces from HTTP HTTP requests/responses
Provider
Collect Open SQL statements Track Database access
Collect JCO traces Debugging RFC calls
Check SAP System State XI Statistics, Enqueue locks, GC History, Heap Memory, Threads, Alerts, …

3. Start the inspection by clicking button “Start”. If the problem is reproducible then
initiate its occurrence again by reproducing the failed scenario. Once the problem
occurred click button “Stop”. If the problem is not reproducible then simply click button
“Stop”.
For some examples XPI Inspector will stop automatically once the information is gathered. However
you can still interrupt this behavior by using button “Stop”. XPI Inspector will automatically stop for the
following examples when the corresponding condition is met:
80 (Default Trace) – when all traces from the selected time interval are read.
51 (Performance Problem) - only if the number of thread dumps is greater than 0 and all thread dumps are
triggered.

4. In the result page click the link next to the information icon on top of the page to
download the result as zipped content. Save the file on the file system and attach it to
the OSS Message. Send the message to SAP for further analyzing.
The generated zip file has absolutely the same content as visible in the result page. XPI Inspector does
not do any modifications on the system and does not collect any security sensitive information like
passwords, private certificates or payloads except the information containing in the default traces and
written by a given software component there.

5. Reading the result:

The content of the result page (the information gathered from the tool during the
inspection) is highly dependent from the selected example, its parameters, additional
options, SAP System release and the configuration of the selected objects. Here we will
explain one possible view of this page and will indicate what option must be selected in
advance in order to get this information.
More information about how to read the traces can be found here.

6. You can configure the tool to start the inspection when specific condition is met. You
can do this by using menu “Options” from the start page:
The XPI Inspector can collect maximum 400 000 traces. In the result page they are
displayed like set of pages with maximum 20 000 traces per page.
The tool will stop automatically if the inspection is started but not stopped for more
than 24 hours.
Information to get Example to use Additional option to use
SAP System Info and deployed SCs * -
Deployed SDAs * SAP System State
Messaging System Health Check, including: * SAP System State,
- XI Held Messages with status (EOIO Message Processing) Messaging System
- All Running Background Jobs
- Audit Logs Statistics
- Messages in DB with status and size
- Messages in Message Store
- Scheduled Messages
- Messaging System’s queues and their threads
SAP Java Cluster Messages * SAP System State
Enqueue Locks * SAP System State
JVM Parameters per Java Instance * -
Alerts from Monitoring per Java Instance * SAP System State
ABAP Work Processes status * SAP System State
ABAP System Logs * SAP System State
ICM Traces & ICM Logs per Java Instance * HTTP Provider
Default Traces per server node * -
Messaging System Logs (XI Logs) per server node * -
HTTP Traces per server node * HTTP Provider
JCO Traces per server node * JCo by Trace Level
Open SQL Traces per server node * Open SQL
Java Threads status & stack per server node * SAP System State
Used Heap Memory per server node * SAP System State
Java GC History per server node * SAP System State
Performance Traces (SAP VM Profiling) per server node 51 -
Memory Allocation Traces (SAP VM profiling) per server 51 -
Full Thread Dumps with viewer per server node 51 -
XI Channel configuration, logs and traces 50 -
XI Message details, audit logs and processing steps with 40 -
traces
XI CPA Cache content and traces 1 -
Authentication stack, HTTPS calls, Principal Propagation, 11 -
SSL Handshake
XI Archiving, XI Alerting, RWB, XML DAS Service 18 -
SAP J2EE Service properties and debug tracing 60 -
SAP J2EE Application properties and debug tracing 70 -
Reading default traces from the past 80 -
Define your own set of log locations and/or log categories 100 -
Registered Security Providers 11 -
Is XI Message Overview Activated? 18 -
 Samples by Examples

1. Example: 1 (CPA Cache)

2. Example: 11 (Authentication, SSL & PP)
3. Example: 18 (RWB)
4. Example: 40 (XI Message)
5. Example: 50 (XI Channel)
6. Example: 51 (Performance Problem)
7. Example: 60 (JEE Service)
8. Example: 70 (JEE Application)
9. Example: 80 (Default Trace)
10. Example: 100 (Custom)
Example: 1 (CPA Cache)
Selection screen:

Result Screen (Performed Checks):

1. Checks whether the CPA Cache content is the same cross the whole cluster.
2. Link to the full CPA Cache content on one random server node only.
Example: 11 (Authentication, SSL & PP)
Selection screen:
Note that SSL server URL address is an optional parameter and must be specified only if you want to check ssl
handshake with a remote ssl server and local j2ee client.

Result Screen (Performed Checks):

1. View the registered security providers during the current inspection. IAIK is the default one:

2. Check SSL Server’s certificate and its ssl handshake with j2ee client:
 During this check XPI Inspector performs dummy https call to the specified ssl server and executes ssl
handshake.

3. Check if ssl server’s certificate is trusted by j2ee client:

4. Check Principal Propagation configuration:

During this check XPI Inspector performs JCO call to IS (ABAP) in order to verify the SSO2 trust between
Java AE and ABAP IS.
Example: 18 (RWB)
Selection screen:

Result Screen (Performed Checks):

1. Check if the Message Overview feature is activated.
Example: 40 (XI Message)
Selection screen:

Result Screen (Performed Checks):

1. Link to the XI Message with information about its details, audit logs and processing flow.
2. Link to the channels with their configuration attributes as specified in the Integration Directory and
involved in the specified XI message processing. Channel’s logs are also displayed.
Depending of the type of the channel some additional checks will be executed. For instance if the channel
is SOAP and configured to call an WS provider by https then dummy HTTPS call will be performed by the
XPI Inspector to the same server in order to verify the ssl handshake.
The field “MS Health Check” will collect information about all messages processed by this channel and still
in the Messaging System if one of the two additional options: “Collect Information about SAP System
State” or “Collect traces from Messaging System” was selected.
Example: 50 (XI Channel)
Selection screen:
1. Type a part from the channel name in the input field and click “Search”.
2. Select the channel(s) you would like to use.
3. Click the button “Add Selected” in order to add the marked channels to the list of the channels to be
inspected.

Result Screen (Performed Checks):

1. Link with the channel name will show the configuration of the channel and its logs.
Depending of the type of the channel some additional checks will be executed. For instance if the
channel is SOAP and configured to call an WS provider by https then dummy HTTPS call will be performed
by the XPI Inspector to the same server in order to verify the ssl handshake.
2. The field “MS Health Check” will show information about all messages processed by this channel and still
in the Messaging System. This information will be collected only if one of the two additional options:
“Collect Information about SAP System State” or “Collect traces from Messaging System” was selected
before start of the inspection.
3. The field “Last 3 Messages processed by the channel during current inspection” will link to the details,
status, audit logs and message processing flow of the last 3 messages processed if there are such.
Example: 51 (Performance Problem)
Selection screen:
This example gives you capability to identify a performance problem related to the memory usage or java threads.
It is visible only if the VM provider is SAP.
If you would like to collect thread dumps specify the number of dumps greater than 0 and the interval between
them in seconds. If you do not want to collect thread dumps then specify 0.
If you would like to collect information about threads and measure their performance by using SAP JVM profiling
capability check the box named “Enable SAP JVM Performance Tracing”.
If you would like to collect information about objects stored in Java heap memory by using SAP JVM profiling
capability then check the box named “Enable SAP JVM Memory Allocation Traces”
Example: 60 (JEE Service)
Selection screen:
1. Type a part from the service name in the input field and click “Search”.
2. Select the service(s) you would like to use.
3. Click the button “Add Selected” in order to add the marked services to the list of the services to be
inspected.

Result Screen (Performed Checks):

XPI Inspector automatically checks whether all properties of the service are the same for all server
nodes. Properties that are not the same are colored in yellow and the state of the service is marked as
error.
Example: 70 (JEE Application)
Selection screen:
1. Type a part from the application name in the input field and click “Search”.
2. Select the application(s) you would like to use.
3. Click the button “Add Selected” in order to add the marked applications to the list of the applications
to be inspected.
Example: 80 (Default Trace)
Selection screen:
1. Select a single date in format year/month/day.
2. Select a time interval for previously selected date.
3. Specify the minimum severity used to collect log records. If you specify “Debug” then all records from
the specified time interval will be read. If you specify “Error” then only records with severity “Error”
or “Fatal” will be read. Using “Warning” will collect only records with severity: “Warning”, “Error” and
“Fatal”.

Result Screen (Reading Traces):

In order to simplify the view, the severity column is not displayed in the result. You can determine the
severity for a given log record by using the background color and the following color schema:
Not Colored: Debug, Path, Info
Yellow: Warning
Red: Error, Fatal
XPI Inspector can filter out the displayed traces by the following fields: “User”, “Thread”, “Location”. The filter can
contain only one field and can be switched on/off by using the link over the corresponding field’s value. Look for
the tooltip in order to determine what the current filter status is. The first column can contain a link to view the
call stack that produced the trace record. This link will be displayed only if the severity of the log record is
“Warning”, “Error” or “Fatal” and the call stack trace is not part of the message content.
Example: 100 (Custom)
Selection screen:
1. Type a part from the log location name in the input field and click “Search”.
2. Select the log location(s) you would like to use.
3. Click the button “Add Selected” in order to add the marked locations to the list of the locations to be
set to “Debug”.
4. Do the same for any log categories if you need to debug them.
The selected log location will include all its sub locations as well. XPI Inspector lists only those locations that
are already instantiated by the SAP logging API. If the location is not used for tracing or logging so far since server
start then the location will not be listed.