Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 passwd[951]: password for 'ubuntu' changed by 'root' Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 systemd-logind[991]: Watching system buttons on /dev/input/event0 (Power Button) Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 systemd-logind[991]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard) Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 systemd-logind[991]: New seat seat0. Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 sshd[1113]: Server listening on 0.0.0.0 port 22. Sep 6 03:20:00 prd-ubuntu1804-docker-4c-4g-4355 sshd[1113]: Server listening on :: port 22. Sep 6 03:20:04 prd-ubuntu1804-docker-4c-4g-4355 sshd[1422]: Did not receive identification string from 10.32.4.5 port 40992 Sep 6 03:20:10 prd-ubuntu1804-docker-4c-4g-4355 sshd[1499]: Invalid user jenkins from 10.32.4.5 port 40996 Sep 6 03:20:10 prd-ubuntu1804-docker-4c-4g-4355 sshd[1499]: Received disconnect from 10.32.4.5 port 40996:11: Closed due to user request. [preauth] Sep 6 03:20:10 prd-ubuntu1804-docker-4c-4g-4355 sshd[1499]: Disconnected from invalid user jenkins 10.32.4.5 port 40996 [preauth] Sep 6 03:20:12 prd-ubuntu1804-docker-4c-4g-4355 sshd[1503]: Invalid user jenkins from 10.32.4.5 port 40998 Sep 6 03:20:12 prd-ubuntu1804-docker-4c-4g-4355 sshd[1503]: Received disconnect from 10.32.4.5 port 40998:11: Closed due to user request. [preauth] Sep 6 03:20:12 prd-ubuntu1804-docker-4c-4g-4355 sshd[1503]: Disconnected from invalid user jenkins 10.32.4.5 port 40998 [preauth] Sep 6 03:20:14 prd-ubuntu1804-docker-4c-4g-4355 sshd[1505]: Invalid user jenkins from 10.32.4.5 port 41006 Sep 6 03:20:14 prd-ubuntu1804-docker-4c-4g-4355 sshd[1505]: Received disconnect from 10.32.4.5 port 41006:11: Closed due to user request. [preauth] Sep 6 03:20:14 prd-ubuntu1804-docker-4c-4g-4355 sshd[1505]: Disconnected from invalid user jenkins 10.32.4.5 port 41006 [preauth] Sep 6 03:20:16 prd-ubuntu1804-docker-4c-4g-4355 sshd[1507]: Invalid user jenkins from 10.32.4.5 port 41008 Sep 6 03:20:16 prd-ubuntu1804-docker-4c-4g-4355 sshd[1507]: Received disconnect from 10.32.4.5 port 41008:11: Closed due to user request. [preauth] Sep 6 03:20:16 prd-ubuntu1804-docker-4c-4g-4355 sshd[1507]: Disconnected from invalid user jenkins 10.32.4.5 port 41008 [preauth] Sep 6 03:20:18 prd-ubuntu1804-docker-4c-4g-4355 sshd[1509]: Invalid user jenkins from 10.32.4.5 port 41010 Sep 6 03:20:18 prd-ubuntu1804-docker-4c-4g-4355 sshd[1509]: Received disconnect from 10.32.4.5 port 41010:11: Closed due to user request. [preauth] Sep 6 03:20:18 prd-ubuntu1804-docker-4c-4g-4355 sshd[1509]: Disconnected from invalid user jenkins 10.32.4.5 port 41010 [preauth] Sep 6 03:20:21 prd-ubuntu1804-docker-4c-4g-4355 sshd[1511]: Invalid user jenkins from 10.32.4.5 port 41012 Sep 6 03:20:21 prd-ubuntu1804-docker-4c-4g-4355 sshd[1511]: Received disconnect from 10.32.4.5 port 41012:11: Closed due to user request. [preauth] Sep 6 03:20:21 prd-ubuntu1804-docker-4c-4g-4355 sshd[1511]: Disconnected from invalid user jenkins 10.32.4.5 port 41012 [preauth] Sep 6 03:20:23 prd-ubuntu1804-docker-4c-4g-4355 sshd[1597]: Invalid user jenkins from 10.32.4.5 port 41016 Sep 6 03:20:23 prd-ubuntu1804-docker-4c-4g-4355 sshd[1597]: Received disconnect from 10.32.4.5 port 41016:11: Closed due to user request. [preauth] Sep 6 03:20:23 prd-ubuntu1804-docker-4c-4g-4355 sshd[1597]: Disconnected from invalid user jenkins 10.32.4.5 port 41016 [preauth] Sep 6 03:20:26 prd-ubuntu1804-docker-4c-4g-4355 sshd[1756]: Invalid user jenkins from 10.32.4.5 port 41020 Sep 6 03:20:26 prd-ubuntu1804-docker-4c-4g-4355 sshd[1756]: Received disconnect from 10.32.4.5 port 41020:11: Closed due to user request. [preauth] Sep 6 03:20:26 prd-ubuntu1804-docker-4c-4g-4355 sshd[1756]: Disconnected from invalid user jenkins 10.32.4.5 port 41020 [preauth] Sep 6 03:20:28 prd-ubuntu1804-docker-4c-4g-4355 sshd[1790]: Invalid user jenkins from 10.32.4.5 port 41022 Sep 6 03:20:28 prd-ubuntu1804-docker-4c-4g-4355 sshd[1790]: Received disconnect from 10.32.4.5 port 41022:11: Closed due to user request. [preauth] Sep 6 03:20:28 prd-ubuntu1804-docker-4c-4g-4355 sshd[1790]: Disconnected from invalid user jenkins 10.32.4.5 port 41022 [preauth] Sep 6 03:20:29 prd-ubuntu1804-docker-4c-4g-4355 useradd[1808]: new group: name=jenkins, GID=1001 Sep 6 03:20:29 prd-ubuntu1804-docker-4c-4g-4355 useradd[1808]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash Sep 6 03:20:29 prd-ubuntu1804-docker-4c-4g-4355 usermod[1815]: add 'jenkins' to group 'docker' Sep 6 03:20:29 prd-ubuntu1804-docker-4c-4g-4355 usermod[1815]: add 'jenkins' to shadow group 'docker' Sep 6 03:20:30 prd-ubuntu1804-docker-4c-4g-4355 sshd[1849]: Accepted publickey for jenkins from 10.32.4.5 port 41024 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI Sep 6 03:20:30 prd-ubuntu1804-docker-4c-4g-4355 sshd[1849]: pam_unix(sshd:session): session opened for user jenkins by (uid=0) Sep 6 03:20:30 prd-ubuntu1804-docker-4c-4g-4355 systemd-logind[991]: New session 1 of user jenkins. Sep 6 03:20:30 prd-ubuntu1804-docker-4c-4g-4355 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0) Sep 6 03:21:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[2411]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 6 03:21:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[2411]: pam_unix(cron:session): session closed for user root Sep 6 03:22:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[3551]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 6 03:22:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[3551]: pam_unix(cron:session): session closed for user root Sep 6 03:23:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[8127]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 6 03:23:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[8127]: pam_unix(cron:session): session closed for user root Sep 6 03:24:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[11077]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 6 03:24:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[11077]: pam_unix(cron:session): session closed for user root Sep 6 03:25:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[11122]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 6 03:25:01 prd-ubuntu1804-docker-4c-4g-4355 CRON[11122]: pam_unix(cron:session): session closed for user root Sep 6 03:25:37 prd-ubuntu1804-docker-4c-4g-4355 sudo: jenkins : TTY=unknown ; PWD=/w/workspace/aiml-fw-athp-data-extraction-docker-docker-verify-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp Sep 6 03:25:37 prd-ubuntu1804-docker-4c-4g-4355 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)