Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 passwd[927]: password for 'ubuntu' changed by 'root'
Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 systemd-logind[998]: Watching system buttons on /dev/input/event0 (Power Button)
Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 systemd-logind[998]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 systemd-logind[998]: New seat seat0.
Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 sshd[1205]: Server listening on 0.0.0.0 port 22.
Jun 13 15:22:04 prd-ubuntu1804-docker-4c-4g-3423 sshd[1205]: Server listening on :: port 22.
Jun 13 15:22:09 prd-ubuntu1804-docker-4c-4g-3423 sshd[1462]: Did not receive identification string from 10.32.4.5 port 37124
Jun 13 15:22:11 prd-ubuntu1804-docker-4c-4g-3423 sshd[1470]: Invalid user jenkins from 10.32.4.5 port 37128
Jun 13 15:22:11 prd-ubuntu1804-docker-4c-4g-3423 sshd[1470]: Received disconnect from 10.32.4.5 port 37128:11: Closed due to user request. [preauth]
Jun 13 15:22:11 prd-ubuntu1804-docker-4c-4g-3423 sshd[1470]: Disconnected from invalid user jenkins 10.32.4.5 port 37128 [preauth]
Jun 13 15:22:13 prd-ubuntu1804-docker-4c-4g-3423 sshd[1488]: Invalid user jenkins from 10.32.4.5 port 37138
Jun 13 15:22:13 prd-ubuntu1804-docker-4c-4g-3423 sshd[1488]: Received disconnect from 10.32.4.5 port 37138:11: Closed due to user request. [preauth]
Jun 13 15:22:13 prd-ubuntu1804-docker-4c-4g-3423 sshd[1488]: Disconnected from invalid user jenkins 10.32.4.5 port 37138 [preauth]
Jun 13 15:22:15 prd-ubuntu1804-docker-4c-4g-3423 sshd[1490]: Invalid user jenkins from 10.32.4.5 port 37144
Jun 13 15:22:15 prd-ubuntu1804-docker-4c-4g-3423 sshd[1490]: Received disconnect from 10.32.4.5 port 37144:11: Closed due to user request. [preauth]
Jun 13 15:22:15 prd-ubuntu1804-docker-4c-4g-3423 sshd[1490]: Disconnected from invalid user jenkins 10.32.4.5 port 37144 [preauth]
Jun 13 15:22:17 prd-ubuntu1804-docker-4c-4g-3423 sshd[1492]: Invalid user jenkins from 10.32.4.5 port 37150
Jun 13 15:22:18 prd-ubuntu1804-docker-4c-4g-3423 sshd[1492]: Received disconnect from 10.32.4.5 port 37150:11: Closed due to user request. [preauth]
Jun 13 15:22:18 prd-ubuntu1804-docker-4c-4g-3423 sshd[1492]: Disconnected from invalid user jenkins 10.32.4.5 port 37150 [preauth]
Jun 13 15:22:20 prd-ubuntu1804-docker-4c-4g-3423 sshd[1494]: Invalid user jenkins from 10.32.4.5 port 37156
Jun 13 15:22:20 prd-ubuntu1804-docker-4c-4g-3423 sshd[1494]: Received disconnect from 10.32.4.5 port 37156:11: Closed due to user request. [preauth]
Jun 13 15:22:20 prd-ubuntu1804-docker-4c-4g-3423 sshd[1494]: Disconnected from invalid user jenkins 10.32.4.5 port 37156 [preauth]
Jun 13 15:22:22 prd-ubuntu1804-docker-4c-4g-3423 sshd[1496]: Invalid user jenkins from 10.32.4.5 port 37166
Jun 13 15:22:22 prd-ubuntu1804-docker-4c-4g-3423 sshd[1496]: Received disconnect from 10.32.4.5 port 37166:11: Closed due to user request. [preauth]
Jun 13 15:22:22 prd-ubuntu1804-docker-4c-4g-3423 sshd[1496]: Disconnected from invalid user jenkins 10.32.4.5 port 37166 [preauth]
Jun 13 15:22:24 prd-ubuntu1804-docker-4c-4g-3423 sshd[1498]: Invalid user jenkins from 10.32.4.5 port 37172
Jun 13 15:22:24 prd-ubuntu1804-docker-4c-4g-3423 sshd[1498]: Received disconnect from 10.32.4.5 port 37172:11: Closed due to user request. [preauth]
Jun 13 15:22:24 prd-ubuntu1804-docker-4c-4g-3423 sshd[1498]: Disconnected from invalid user jenkins 10.32.4.5 port 37172 [preauth]
Jun 13 15:22:26 prd-ubuntu1804-docker-4c-4g-3423 sshd[1529]: Invalid user jenkins from 10.32.4.5 port 37178
Jun 13 15:22:26 prd-ubuntu1804-docker-4c-4g-3423 sshd[1529]: Received disconnect from 10.32.4.5 port 37178:11: Closed due to user request. [preauth]
Jun 13 15:22:26 prd-ubuntu1804-docker-4c-4g-3423 sshd[1529]: Disconnected from invalid user jenkins 10.32.4.5 port 37178 [preauth]
Jun 13 15:22:28 prd-ubuntu1804-docker-4c-4g-3423 sshd[1735]: Invalid user jenkins from 10.32.4.5 port 37182
Jun 13 15:22:28 prd-ubuntu1804-docker-4c-4g-3423 sshd[1735]: Received disconnect from 10.32.4.5 port 37182:11: Closed due to user request. [preauth]
Jun 13 15:22:28 prd-ubuntu1804-docker-4c-4g-3423 sshd[1735]: Disconnected from invalid user jenkins 10.32.4.5 port 37182 [preauth]
Jun 13 15:22:30 prd-ubuntu1804-docker-4c-4g-3423 sshd[1774]: Invalid user jenkins from 10.32.4.5 port 37190
Jun 13 15:22:30 prd-ubuntu1804-docker-4c-4g-3423 sshd[1774]: Received disconnect from 10.32.4.5 port 37190:11: Closed due to user request. [preauth]
Jun 13 15:22:30 prd-ubuntu1804-docker-4c-4g-3423 sshd[1774]: Disconnected from invalid user jenkins 10.32.4.5 port 37190 [preauth]
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 useradd[1794]: new group: name=jenkins, GID=1001
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 useradd[1794]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 sshd[1792]: Invalid user jenkins from 10.32.4.5 port 37196
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 sshd[1792]: Received disconnect from 10.32.4.5 port 37196:11: Closed due to user request. [preauth]
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 sshd[1792]: Disconnected from invalid user jenkins 10.32.4.5 port 37196 [preauth]
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 usermod[1801]: add 'jenkins' to group 'docker'
Jun 13 15:22:32 prd-ubuntu1804-docker-4c-4g-3423 usermod[1801]: add 'jenkins' to shadow group 'docker'
Jun 13 15:22:34 prd-ubuntu1804-docker-4c-4g-3423 sshd[1835]: Accepted publickey for jenkins from 10.32.4.5 port 37200 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jun 13 15:22:34 prd-ubuntu1804-docker-4c-4g-3423 sshd[1835]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jun 13 15:22:34 prd-ubuntu1804-docker-4c-4g-3423 systemd-logind[998]: New session 1 of user jenkins.
Jun 13 15:22:34 prd-ubuntu1804-docker-4c-4g-3423 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jun 13 15:23:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[2380]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 13 15:23:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[2380]: pam_unix(cron:session): session closed for user root
Jun 13 15:24:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[3012]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 13 15:24:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[3012]: pam_unix(cron:session): session closed for user root
Jun 13 15:25:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[7401]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 13 15:25:01 prd-ubuntu1804-docker-4c-4g-3423 CRON[7401]: pam_unix(cron:session): session closed for user root
Jun 13 15:25:20 prd-ubuntu1804-docker-4c-4g-3423 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-helm-docker-verify-all ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jun 13 15:25:20 prd-ubuntu1804-docker-4c-4g-3423 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)