Aug 20 10:18:39 prd-ubuntu1804-docker-4c-4g-1476 passwd[928]: password for 'ubuntu' changed by 'root'
Aug 20 10:18:39 prd-ubuntu1804-docker-4c-4g-1476 systemd-logind[968]: Watching system buttons on /dev/input/event0 (Power Button)
Aug 20 10:18:39 prd-ubuntu1804-docker-4c-4g-1476 systemd-logind[968]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Aug 20 10:18:39 prd-ubuntu1804-docker-4c-4g-1476 systemd-logind[968]: New seat seat0.
Aug 20 10:18:40 prd-ubuntu1804-docker-4c-4g-1476 sshd[1225]: Server listening on 0.0.0.0 port 22.
Aug 20 10:18:40 prd-ubuntu1804-docker-4c-4g-1476 sshd[1225]: Server listening on :: port 22.
Aug 20 10:18:41 prd-ubuntu1804-docker-4c-4g-1476 sshd[1282]: Did not receive identification string from 10.32.4.5 port 52084
Aug 20 10:18:45 prd-ubuntu1804-docker-4c-4g-1476 sshd[1465]: Invalid user jenkins from 10.32.4.5 port 52086
Aug 20 10:18:45 prd-ubuntu1804-docker-4c-4g-1476 sshd[1465]: Received disconnect from 10.32.4.5 port 52086:11: Closed due to user request. [preauth]
Aug 20 10:18:45 prd-ubuntu1804-docker-4c-4g-1476 sshd[1465]: Disconnected from invalid user jenkins 10.32.4.5 port 52086 [preauth]
Aug 20 10:18:47 prd-ubuntu1804-docker-4c-4g-1476 sshd[1481]: Invalid user jenkins from 10.32.4.5 port 52088
Aug 20 10:18:47 prd-ubuntu1804-docker-4c-4g-1476 sshd[1481]: Received disconnect from 10.32.4.5 port 52088:11: Closed due to user request. [preauth]
Aug 20 10:18:47 prd-ubuntu1804-docker-4c-4g-1476 sshd[1481]: Disconnected from invalid user jenkins 10.32.4.5 port 52088 [preauth]
Aug 20 10:18:49 prd-ubuntu1804-docker-4c-4g-1476 sshd[1489]: Invalid user jenkins from 10.32.4.5 port 52092
Aug 20 10:18:49 prd-ubuntu1804-docker-4c-4g-1476 sshd[1489]: Received disconnect from 10.32.4.5 port 52092:11: Closed due to user request. [preauth]
Aug 20 10:18:49 prd-ubuntu1804-docker-4c-4g-1476 sshd[1489]: Disconnected from invalid user jenkins 10.32.4.5 port 52092 [preauth]
Aug 20 10:18:51 prd-ubuntu1804-docker-4c-4g-1476 sshd[1491]: Invalid user jenkins from 10.32.4.5 port 52096
Aug 20 10:18:51 prd-ubuntu1804-docker-4c-4g-1476 sshd[1491]: Received disconnect from 10.32.4.5 port 52096:11: Closed due to user request. [preauth]
Aug 20 10:18:51 prd-ubuntu1804-docker-4c-4g-1476 sshd[1491]: Disconnected from invalid user jenkins 10.32.4.5 port 52096 [preauth]
Aug 20 10:18:54 prd-ubuntu1804-docker-4c-4g-1476 sshd[1493]: Invalid user jenkins from 10.32.4.5 port 52098
Aug 20 10:18:54 prd-ubuntu1804-docker-4c-4g-1476 sshd[1493]: Received disconnect from 10.32.4.5 port 52098:11: Closed due to user request. [preauth]
Aug 20 10:18:54 prd-ubuntu1804-docker-4c-4g-1476 sshd[1493]: Disconnected from invalid user jenkins 10.32.4.5 port 52098 [preauth]
Aug 20 10:18:56 prd-ubuntu1804-docker-4c-4g-1476 sshd[1495]: Invalid user jenkins from 10.32.4.5 port 52100
Aug 20 10:18:56 prd-ubuntu1804-docker-4c-4g-1476 sshd[1495]: Received disconnect from 10.32.4.5 port 52100:11: Closed due to user request. [preauth]
Aug 20 10:18:56 prd-ubuntu1804-docker-4c-4g-1476 sshd[1495]: Disconnected from invalid user jenkins 10.32.4.5 port 52100 [preauth]
Aug 20 10:18:58 prd-ubuntu1804-docker-4c-4g-1476 sshd[1497]: Invalid user jenkins from 10.32.4.5 port 52102
Aug 20 10:18:58 prd-ubuntu1804-docker-4c-4g-1476 sshd[1497]: Received disconnect from 10.32.4.5 port 52102:11: Closed due to user request. [preauth]
Aug 20 10:18:58 prd-ubuntu1804-docker-4c-4g-1476 sshd[1497]: Disconnected from invalid user jenkins 10.32.4.5 port 52102 [preauth]
Aug 20 10:19:00 prd-ubuntu1804-docker-4c-4g-1476 sshd[1499]: Invalid user jenkins from 10.32.4.5 port 52110
Aug 20 10:19:00 prd-ubuntu1804-docker-4c-4g-1476 sshd[1499]: Received disconnect from 10.32.4.5 port 52110:11: Closed due to user request. [preauth]
Aug 20 10:19:00 prd-ubuntu1804-docker-4c-4g-1476 sshd[1499]: Disconnected from invalid user jenkins 10.32.4.5 port 52110 [preauth]
Aug 20 10:19:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[1501]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:19:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[1501]: pam_unix(cron:session): session closed for user root
Aug 20 10:19:03 prd-ubuntu1804-docker-4c-4g-1476 sshd[1592]: Invalid user jenkins from 10.32.4.5 port 52112
Aug 20 10:19:04 prd-ubuntu1804-docker-4c-4g-1476 sshd[1592]: Received disconnect from 10.32.4.5 port 52112:11: Closed due to user request. [preauth]
Aug 20 10:19:04 prd-ubuntu1804-docker-4c-4g-1476 sshd[1592]: Disconnected from invalid user jenkins 10.32.4.5 port 52112 [preauth]
Aug 20 10:19:06 prd-ubuntu1804-docker-4c-4g-1476 sshd[1741]: Invalid user jenkins from 10.32.4.5 port 52114
Aug 20 10:19:06 prd-ubuntu1804-docker-4c-4g-1476 sshd[1741]: Received disconnect from 10.32.4.5 port 52114:11: Closed due to user request. [preauth]
Aug 20 10:19:06 prd-ubuntu1804-docker-4c-4g-1476 sshd[1741]: Disconnected from invalid user jenkins 10.32.4.5 port 52114 [preauth]
Aug 20 10:19:08 prd-ubuntu1804-docker-4c-4g-1476 sshd[1781]: Invalid user jenkins from 10.32.4.5 port 52118
Aug 20 10:19:08 prd-ubuntu1804-docker-4c-4g-1476 sshd[1781]: Received disconnect from 10.32.4.5 port 52118:11: Closed due to user request. [preauth]
Aug 20 10:19:08 prd-ubuntu1804-docker-4c-4g-1476 sshd[1781]: Disconnected from invalid user jenkins 10.32.4.5 port 52118 [preauth]
Aug 20 10:19:10 prd-ubuntu1804-docker-4c-4g-1476 sshd[1785]: Invalid user jenkins from 10.32.4.5 port 52120
Aug 20 10:19:10 prd-ubuntu1804-docker-4c-4g-1476 sshd[1785]: Received disconnect from 10.32.4.5 port 52120:11: Closed due to user request. [preauth]
Aug 20 10:19:10 prd-ubuntu1804-docker-4c-4g-1476 sshd[1785]: Disconnected from invalid user jenkins 10.32.4.5 port 52120 [preauth]
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 useradd[1816]: new group: name=jenkins, GID=1001
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 useradd[1816]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 usermod[1823]: add 'jenkins' to group 'docker'
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 usermod[1823]: add 'jenkins' to shadow group 'docker'
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 sshd[1834]: Accepted publickey for jenkins from 10.32.4.5 port 52122 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 sshd[1834]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 systemd-logind[968]: New session 2 of user jenkins.
Aug 20 10:19:12 prd-ubuntu1804-docker-4c-4g-1476 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Aug 20 10:20:02 prd-ubuntu1804-docker-4c-4g-1476 CRON[2401]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:20:02 prd-ubuntu1804-docker-4c-4g-1476 CRON[2401]: pam_unix(cron:session): session closed for user root
Aug 20 10:21:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[2437]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:21:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[2437]: pam_unix(cron:session): session closed for user root
Aug 20 10:22:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[4178]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:22:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[4178]: pam_unix(cron:session): session closed for user root
Aug 20 10:23:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8196]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:23:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8196]: pam_unix(cron:session): session closed for user root
Aug 20 10:24:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8237]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:24:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8237]: pam_unix(cron:session): session closed for user root
Aug 20 10:25:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8433]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 20 10:25:01 prd-ubuntu1804-docker-4c-4g-1476 CRON[8433]: pam_unix(cron:session): session closed for user root
Aug 20 10:25:30 prd-ubuntu1804-docker-4c-4g-1476 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/aiml-fw-athp-data-extraction-docker-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Aug 20 10:25:30 prd-ubuntu1804-docker-4c-4g-1476 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)