Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 passwd[939]: password for 'ubuntu' changed by 'root'
Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 systemd-logind[995]: Watching system buttons on /dev/input/event0 (Power Button)
Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 systemd-logind[995]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 systemd-logind[995]: New seat seat0.
Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 sshd[1117]: Server listening on 0.0.0.0 port 22.
Jan 22 10:18:44 prd-ubuntu1804-docker-4c-4g-2498 sshd[1117]: Server listening on :: port 22.
Jan 22 10:18:48 prd-ubuntu1804-docker-4c-4g-2498 sshd[1483]: Did not receive identification string from 10.32.4.5 port 58584
Jan 22 10:18:58 prd-ubuntu1804-docker-4c-4g-2498 sshd[1545]: Invalid user jenkins from 10.32.4.5 port 58594
Jan 22 10:18:58 prd-ubuntu1804-docker-4c-4g-2498 sshd[1545]: Received disconnect from 10.32.4.5 port 58594:11: Closed due to user request. [preauth]
Jan 22 10:18:58 prd-ubuntu1804-docker-4c-4g-2498 sshd[1545]: Disconnected from invalid user jenkins 10.32.4.5 port 58594 [preauth]
Jan 22 10:19:00 prd-ubuntu1804-docker-4c-4g-2498 sshd[1549]: Invalid user jenkins from 10.32.4.5 port 58598
Jan 22 10:19:00 prd-ubuntu1804-docker-4c-4g-2498 sshd[1549]: Received disconnect from 10.32.4.5 port 58598:11: Closed due to user request. [preauth]
Jan 22 10:19:00 prd-ubuntu1804-docker-4c-4g-2498 sshd[1549]: Disconnected from invalid user jenkins 10.32.4.5 port 58598 [preauth]
Jan 22 10:19:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[1551]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:19:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[1551]: pam_unix(cron:session): session closed for user root
Jan 22 10:19:02 prd-ubuntu1804-docker-4c-4g-2498 sshd[1560]: Invalid user jenkins from 10.32.4.5 port 58624
Jan 22 10:19:02 prd-ubuntu1804-docker-4c-4g-2498 sshd[1560]: Received disconnect from 10.32.4.5 port 58624:11: Closed due to user request. [preauth]
Jan 22 10:19:02 prd-ubuntu1804-docker-4c-4g-2498 sshd[1560]: Disconnected from invalid user jenkins 10.32.4.5 port 58624 [preauth]
Jan 22 10:19:04 prd-ubuntu1804-docker-4c-4g-2498 sshd[1562]: Invalid user jenkins from 10.32.4.5 port 58626
Jan 22 10:19:04 prd-ubuntu1804-docker-4c-4g-2498 sshd[1562]: Received disconnect from 10.32.4.5 port 58626:11: Closed due to user request. [preauth]
Jan 22 10:19:04 prd-ubuntu1804-docker-4c-4g-2498 sshd[1562]: Disconnected from invalid user jenkins 10.32.4.5 port 58626 [preauth]
Jan 22 10:19:07 prd-ubuntu1804-docker-4c-4g-2498 sshd[1772]: Invalid user jenkins from 10.32.4.5 port 58628
Jan 22 10:19:07 prd-ubuntu1804-docker-4c-4g-2498 sshd[1772]: Received disconnect from 10.32.4.5 port 58628:11: Closed due to user request. [preauth]
Jan 22 10:19:07 prd-ubuntu1804-docker-4c-4g-2498 sshd[1772]: Disconnected from invalid user jenkins 10.32.4.5 port 58628 [preauth]
Jan 22 10:19:09 prd-ubuntu1804-docker-4c-4g-2498 sshd[1826]: Invalid user jenkins from 10.32.4.5 port 58630
Jan 22 10:19:09 prd-ubuntu1804-docker-4c-4g-2498 sshd[1826]: Received disconnect from 10.32.4.5 port 58630:11: Closed due to user request. [preauth]
Jan 22 10:19:09 prd-ubuntu1804-docker-4c-4g-2498 sshd[1826]: Disconnected from invalid user jenkins 10.32.4.5 port 58630 [preauth]
Jan 22 10:19:11 prd-ubuntu1804-docker-4c-4g-2498 sshd[1846]: Invalid user jenkins from 10.32.4.5 port 58632
Jan 22 10:19:11 prd-ubuntu1804-docker-4c-4g-2498 sshd[1846]: Received disconnect from 10.32.4.5 port 58632:11: Closed due to user request. [preauth]
Jan 22 10:19:11 prd-ubuntu1804-docker-4c-4g-2498 sshd[1846]: Disconnected from invalid user jenkins 10.32.4.5 port 58632 [preauth]
Jan 22 10:19:12 prd-ubuntu1804-docker-4c-4g-2498 useradd[1862]: new group: name=jenkins, GID=1001
Jan 22 10:19:12 prd-ubuntu1804-docker-4c-4g-2498 useradd[1862]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jan 22 10:19:12 prd-ubuntu1804-docker-4c-4g-2498 usermod[1869]: add 'jenkins' to group 'docker'
Jan 22 10:19:12 prd-ubuntu1804-docker-4c-4g-2498 usermod[1869]: add 'jenkins' to shadow group 'docker'
Jan 22 10:19:13 prd-ubuntu1804-docker-4c-4g-2498 sshd[1903]: Accepted publickey for jenkins from 10.32.4.5 port 58634 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jan 22 10:19:13 prd-ubuntu1804-docker-4c-4g-2498 sshd[1903]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jan 22 10:19:13 prd-ubuntu1804-docker-4c-4g-2498 systemd-logind[995]: New session 2 of user jenkins.
Jan 22 10:19:13 prd-ubuntu1804-docker-4c-4g-2498 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jan 22 10:20:02 prd-ubuntu1804-docker-4c-4g-2498 CRON[2463]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:20:02 prd-ubuntu1804-docker-4c-4g-2498 CRON[2463]: pam_unix(cron:session): session closed for user root
Jan 22 10:21:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[3473]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:21:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[3473]: pam_unix(cron:session): session closed for user root
Jan 22 10:22:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8213]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:22:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8213]: pam_unix(cron:session): session closed for user root
Jan 22 10:23:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8251]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:23:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8251]: pam_unix(cron:session): session closed for user root
Jan 22 10:24:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8446]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 22 10:24:01 prd-ubuntu1804-docker-4c-4g-2498 CRON[8446]: pam_unix(cron:session): session closed for user root
Jan 22 10:24:25 prd-ubuntu1804-docker-4c-4g-2498 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/aiml-fw-athp-data-extraction-docker-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jan 22 10:24:25 prd-ubuntu1804-docker-4c-4g-2498 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)