Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 passwd[947]: password for 'ubuntu' changed by 'root'
Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 systemd-logind[1091]: Watching system buttons on /dev/input/event0 (Power Button)
Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 systemd-logind[1091]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 systemd-logind[1091]: New seat seat0.
Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 sshd[1279]: Server listening on 0.0.0.0 port 22.
Jan 29 10:18:43 prd-ubuntu1804-docker-4c-4g-3069 sshd[1279]: Server listening on :: port 22.
Jan 29 10:18:47 prd-ubuntu1804-docker-4c-4g-3069 sshd[1509]: Did not receive identification string from 10.32.4.5 port 36228
Jan 29 10:18:57 prd-ubuntu1804-docker-4c-4g-3069 sshd[1551]: Invalid user jenkins from 10.32.4.5 port 36236
Jan 29 10:18:57 prd-ubuntu1804-docker-4c-4g-3069 sshd[1551]: Received disconnect from 10.32.4.5 port 36236:11: Closed due to user request. [preauth]
Jan 29 10:18:57 prd-ubuntu1804-docker-4c-4g-3069 sshd[1551]: Disconnected from invalid user jenkins 10.32.4.5 port 36236 [preauth]
Jan 29 10:18:59 prd-ubuntu1804-docker-4c-4g-3069 sshd[1555]: Invalid user jenkins from 10.32.4.5 port 36240
Jan 29 10:18:59 prd-ubuntu1804-docker-4c-4g-3069 sshd[1555]: Received disconnect from 10.32.4.5 port 36240:11: Closed due to user request. [preauth]
Jan 29 10:18:59 prd-ubuntu1804-docker-4c-4g-3069 sshd[1555]: Disconnected from invalid user jenkins 10.32.4.5 port 36240 [preauth]
Jan 29 10:19:01 prd-ubuntu1804-docker-4c-4g-3069 sshd[1557]: Invalid user jenkins from 10.32.4.5 port 36264
Jan 29 10:19:01 prd-ubuntu1804-docker-4c-4g-3069 sshd[1557]: Received disconnect from 10.32.4.5 port 36264:11: Closed due to user request. [preauth]
Jan 29 10:19:01 prd-ubuntu1804-docker-4c-4g-3069 sshd[1557]: Disconnected from invalid user jenkins 10.32.4.5 port 36264 [preauth]
Jan 29 10:19:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[1560]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:19:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[1560]: pam_unix(cron:session): session closed for user root
Jan 29 10:19:03 prd-ubuntu1804-docker-4c-4g-3069 sshd[1567]: Invalid user jenkins from 10.32.4.5 port 36268
Jan 29 10:19:03 prd-ubuntu1804-docker-4c-4g-3069 sshd[1567]: Received disconnect from 10.32.4.5 port 36268:11: Closed due to user request. [preauth]
Jan 29 10:19:03 prd-ubuntu1804-docker-4c-4g-3069 sshd[1567]: Disconnected from invalid user jenkins 10.32.4.5 port 36268 [preauth]
Jan 29 10:19:07 prd-ubuntu1804-docker-4c-4g-3069 sshd[1679]: Invalid user jenkins from 10.32.4.5 port 36270
Jan 29 10:19:07 prd-ubuntu1804-docker-4c-4g-3069 sshd[1679]: Received disconnect from 10.32.4.5 port 36270:11: Closed due to user request. [preauth]
Jan 29 10:19:07 prd-ubuntu1804-docker-4c-4g-3069 sshd[1679]: Disconnected from invalid user jenkins 10.32.4.5 port 36270 [preauth]
Jan 29 10:19:09 prd-ubuntu1804-docker-4c-4g-3069 sshd[1814]: Invalid user jenkins from 10.32.4.5 port 36272
Jan 29 10:19:09 prd-ubuntu1804-docker-4c-4g-3069 sshd[1814]: Received disconnect from 10.32.4.5 port 36272:11: Closed due to user request. [preauth]
Jan 29 10:19:09 prd-ubuntu1804-docker-4c-4g-3069 sshd[1814]: Disconnected from invalid user jenkins 10.32.4.5 port 36272 [preauth]
Jan 29 10:19:11 prd-ubuntu1804-docker-4c-4g-3069 sshd[1848]: Invalid user jenkins from 10.32.4.5 port 36274
Jan 29 10:19:11 prd-ubuntu1804-docker-4c-4g-3069 sshd[1848]: Received disconnect from 10.32.4.5 port 36274:11: Closed due to user request. [preauth]
Jan 29 10:19:11 prd-ubuntu1804-docker-4c-4g-3069 sshd[1848]: Disconnected from invalid user jenkins 10.32.4.5 port 36274 [preauth]
Jan 29 10:19:12 prd-ubuntu1804-docker-4c-4g-3069 useradd[1866]: new group: name=jenkins, GID=1001
Jan 29 10:19:12 prd-ubuntu1804-docker-4c-4g-3069 useradd[1866]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jan 29 10:19:12 prd-ubuntu1804-docker-4c-4g-3069 usermod[1873]: add 'jenkins' to group 'docker'
Jan 29 10:19:12 prd-ubuntu1804-docker-4c-4g-3069 usermod[1873]: add 'jenkins' to shadow group 'docker'
Jan 29 10:19:13 prd-ubuntu1804-docker-4c-4g-3069 sshd[1915]: Accepted publickey for jenkins from 10.32.4.5 port 36276 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jan 29 10:19:13 prd-ubuntu1804-docker-4c-4g-3069 sshd[1915]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jan 29 10:19:13 prd-ubuntu1804-docker-4c-4g-3069 systemd-logind[1091]: New session 2 of user jenkins.
Jan 29 10:19:13 prd-ubuntu1804-docker-4c-4g-3069 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jan 29 10:20:03 prd-ubuntu1804-docker-4c-4g-3069 CRON[2496]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:20:03 prd-ubuntu1804-docker-4c-4g-3069 CRON[2496]: pam_unix(cron:session): session closed for user root
Jan 29 10:21:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[3641]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:21:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[3641]: pam_unix(cron:session): session closed for user root
Jan 29 10:22:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8267]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:22:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8267]: pam_unix(cron:session): session closed for user root
Jan 29 10:23:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8312]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:23:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8312]: pam_unix(cron:session): session closed for user root
Jan 29 10:24:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8509]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 29 10:24:01 prd-ubuntu1804-docker-4c-4g-3069 CRON[8509]: pam_unix(cron:session): session closed for user root
Jan 29 10:24:14 prd-ubuntu1804-docker-4c-4g-3069 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/aiml-fw-athp-data-extraction-docker-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jan 29 10:24:14 prd-ubuntu1804-docker-4c-4g-3069 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)