The Directory Server already provides a detailed HTTP log publisher to capture the
SCIM and HTTP request details. To be able to correlate this data to the internal LDAP operations
that are invoked behind the scenes, the Access Log Publisher will use
"origin=scim
" in access log messages that are generated by the SCIM servlet.
For example, you will see a message for operations invoked by replication:
[30/Oct/2012:18:45:10.490 -0500] MODIFY REQUEST conn=-3 op=190 msgID=191 origin="replication" dn="uid=user.3,ou=people,dc=example,dc=com"
Likewise for SCIM messages, you will see a message like this:
[30/Oct/2012:18:45:10.490 -0500] MODIFY REQUEST conn=-3 op=190 msgID=191 origin="scim" dn="uid=user.3,ou=people,dc=example,dc=com"