Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 passwd[921]: password for 'ubuntu' changed by 'root'
Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 systemd-logind[986]: Watching system buttons on /dev/input/event0 (Power Button)
Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 systemd-logind[986]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 systemd-logind[986]: New seat seat0.
Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 sshd[1094]: Server listening on 0.0.0.0 port 22.
Oct 17 21:35:28 prd-ubuntu1804-docker-4c-4g-7950 sshd[1094]: Server listening on :: port 22.
Oct 17 21:35:33 prd-ubuntu1804-docker-4c-4g-7950 sshd[1458]: Did not receive identification string from 10.32.4.5 port 49634
Oct 17 21:35:40 prd-ubuntu1804-docker-4c-4g-7950 sshd[1495]: Invalid user jenkins from 10.32.4.5 port 49650
Oct 17 21:35:40 prd-ubuntu1804-docker-4c-4g-7950 sshd[1495]: Received disconnect from 10.32.4.5 port 49650:11: Closed due to user request. [preauth]
Oct 17 21:35:40 prd-ubuntu1804-docker-4c-4g-7950 sshd[1495]: Disconnected from invalid user jenkins 10.32.4.5 port 49650 [preauth]
Oct 17 21:35:42 prd-ubuntu1804-docker-4c-4g-7950 sshd[1499]: Invalid user jenkins from 10.32.4.5 port 49666
Oct 17 21:35:42 prd-ubuntu1804-docker-4c-4g-7950 sshd[1499]: Received disconnect from 10.32.4.5 port 49666:11: Closed due to user request. [preauth]
Oct 17 21:35:42 prd-ubuntu1804-docker-4c-4g-7950 sshd[1499]: Disconnected from invalid user jenkins 10.32.4.5 port 49666 [preauth]
Oct 17 21:35:44 prd-ubuntu1804-docker-4c-4g-7950 sshd[1501]: Invalid user jenkins from 10.32.4.5 port 49680
Oct 17 21:35:44 prd-ubuntu1804-docker-4c-4g-7950 sshd[1501]: Received disconnect from 10.32.4.5 port 49680:11: Closed due to user request. [preauth]
Oct 17 21:35:44 prd-ubuntu1804-docker-4c-4g-7950 sshd[1501]: Disconnected from invalid user jenkins 10.32.4.5 port 49680 [preauth]
Oct 17 21:35:46 prd-ubuntu1804-docker-4c-4g-7950 sshd[1503]: Invalid user jenkins from 10.32.4.5 port 49686
Oct 17 21:35:46 prd-ubuntu1804-docker-4c-4g-7950 sshd[1503]: Received disconnect from 10.32.4.5 port 49686:11: Closed due to user request. [preauth]
Oct 17 21:35:46 prd-ubuntu1804-docker-4c-4g-7950 sshd[1503]: Disconnected from invalid user jenkins 10.32.4.5 port 49686 [preauth]
Oct 17 21:35:48 prd-ubuntu1804-docker-4c-4g-7950 sshd[1505]: Invalid user jenkins from 10.32.4.5 port 49692
Oct 17 21:35:48 prd-ubuntu1804-docker-4c-4g-7950 sshd[1505]: Received disconnect from 10.32.4.5 port 49692:11: Closed due to user request. [preauth]
Oct 17 21:35:48 prd-ubuntu1804-docker-4c-4g-7950 sshd[1505]: Disconnected from invalid user jenkins 10.32.4.5 port 49692 [preauth]
Oct 17 21:35:50 prd-ubuntu1804-docker-4c-4g-7950 sshd[1517]: Invalid user jenkins from 10.32.4.5 port 49700
Oct 17 21:35:50 prd-ubuntu1804-docker-4c-4g-7950 sshd[1517]: Received disconnect from 10.32.4.5 port 49700:11: Closed due to user request. [preauth]
Oct 17 21:35:50 prd-ubuntu1804-docker-4c-4g-7950 sshd[1517]: Disconnected from invalid user jenkins 10.32.4.5 port 49700 [preauth]
Oct 17 21:35:53 prd-ubuntu1804-docker-4c-4g-7950 sshd[1741]: Invalid user jenkins from 10.32.4.5 port 49712
Oct 17 21:35:53 prd-ubuntu1804-docker-4c-4g-7950 sshd[1741]: Received disconnect from 10.32.4.5 port 49712:11: Closed due to user request. [preauth]
Oct 17 21:35:53 prd-ubuntu1804-docker-4c-4g-7950 sshd[1741]: Disconnected from invalid user jenkins 10.32.4.5 port 49712 [preauth]
Oct 17 21:35:56 prd-ubuntu1804-docker-4c-4g-7950 sshd[1781]: Invalid user jenkins from 10.32.4.5 port 49720
Oct 17 21:35:56 prd-ubuntu1804-docker-4c-4g-7950 sshd[1781]: Received disconnect from 10.32.4.5 port 49720:11: Closed due to user request. [preauth]
Oct 17 21:35:56 prd-ubuntu1804-docker-4c-4g-7950 sshd[1781]: Disconnected from invalid user jenkins 10.32.4.5 port 49720 [preauth]
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 sshd[1797]: Invalid user jenkins from 10.32.4.5 port 49726
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 useradd[1801]: new group: name=jenkins, GID=1001
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 useradd[1801]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 sshd[1797]: Received disconnect from 10.32.4.5 port 49726:11: Closed due to user request. [preauth]
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 sshd[1797]: Disconnected from invalid user jenkins 10.32.4.5 port 49726 [preauth]
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 usermod[1808]: add 'jenkins' to group 'docker'
Oct 17 21:35:58 prd-ubuntu1804-docker-4c-4g-7950 usermod[1808]: add 'jenkins' to shadow group 'docker'
Oct 17 21:36:00 prd-ubuntu1804-docker-4c-4g-7950 sshd[1842]: Accepted publickey for jenkins from 10.32.4.5 port 49728 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Oct 17 21:36:00 prd-ubuntu1804-docker-4c-4g-7950 sshd[1842]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Oct 17 21:36:00 prd-ubuntu1804-docker-4c-4g-7950 systemd-logind[986]: New session 1 of user jenkins.
Oct 17 21:36:00 prd-ubuntu1804-docker-4c-4g-7950 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Oct 17 21:36:02 prd-ubuntu1804-docker-4c-4g-7950 CRON[2018]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 17 21:36:02 prd-ubuntu1804-docker-4c-4g-7950 CRON[2018]: pam_unix(cron:session): session closed for user root
Oct 17 21:37:01 prd-ubuntu1804-docker-4c-4g-7950 CRON[2624]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 17 21:37:01 prd-ubuntu1804-docker-4c-4g-7950 CRON[2624]: pam_unix(cron:session): session closed for user root
Oct 17 21:38:01 prd-ubuntu1804-docker-4c-4g-7950 CRON[6910]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 17 21:38:01 prd-ubuntu1804-docker-4c-4g-7950 CRON[6910]: pam_unix(cron:session): session closed for user root
Oct 17 21:38:15 prd-ubuntu1804-docker-4c-4g-7950 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-helm-docker-verify-all ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Oct 17 21:38:15 prd-ubuntu1804-docker-4c-4g-7950 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)