Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 passwd[918]: password for 'ubuntu' changed by 'root'
Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 systemd-logind[1018]: Watching system buttons on /dev/input/event0 (Power Button)
Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 systemd-logind[1018]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 systemd-logind[1018]: New seat seat0.
Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 sshd[1228]: Server listening on 0.0.0.0 port 22.
Oct 21 15:48:09 prd-ubuntu1804-docker-4c-4g-8312 sshd[1228]: Server listening on :: port 22.
Oct 21 15:48:12 prd-ubuntu1804-docker-4c-4g-8312 sshd[1430]: Did not receive identification string from 10.32.4.5 port 53194
Oct 21 15:48:20 prd-ubuntu1804-docker-4c-4g-8312 sshd[1511]: Invalid user jenkins from 10.32.4.5 port 53202
Oct 21 15:48:20 prd-ubuntu1804-docker-4c-4g-8312 sshd[1511]: Received disconnect from 10.32.4.5 port 53202:11: Closed due to user request. [preauth]
Oct 21 15:48:20 prd-ubuntu1804-docker-4c-4g-8312 sshd[1511]: Disconnected from invalid user jenkins 10.32.4.5 port 53202 [preauth]
Oct 21 15:48:22 prd-ubuntu1804-docker-4c-4g-8312 sshd[1515]: Invalid user jenkins from 10.32.4.5 port 53206
Oct 21 15:48:22 prd-ubuntu1804-docker-4c-4g-8312 sshd[1515]: Received disconnect from 10.32.4.5 port 53206:11: Closed due to user request. [preauth]
Oct 21 15:48:22 prd-ubuntu1804-docker-4c-4g-8312 sshd[1515]: Disconnected from invalid user jenkins 10.32.4.5 port 53206 [preauth]
Oct 21 15:48:24 prd-ubuntu1804-docker-4c-4g-8312 sshd[1517]: Invalid user jenkins from 10.32.4.5 port 53208
Oct 21 15:48:24 prd-ubuntu1804-docker-4c-4g-8312 sshd[1517]: Received disconnect from 10.32.4.5 port 53208:11: Closed due to user request. [preauth]
Oct 21 15:48:24 prd-ubuntu1804-docker-4c-4g-8312 sshd[1517]: Disconnected from invalid user jenkins 10.32.4.5 port 53208 [preauth]
Oct 21 15:48:26 prd-ubuntu1804-docker-4c-4g-8312 sshd[1519]: Invalid user jenkins from 10.32.4.5 port 53210
Oct 21 15:48:27 prd-ubuntu1804-docker-4c-4g-8312 sshd[1519]: Received disconnect from 10.32.4.5 port 53210:11: Closed due to user request. [preauth]
Oct 21 15:48:27 prd-ubuntu1804-docker-4c-4g-8312 sshd[1519]: Disconnected from invalid user jenkins 10.32.4.5 port 53210 [preauth]
Oct 21 15:48:29 prd-ubuntu1804-docker-4c-4g-8312 sshd[1521]: Invalid user jenkins from 10.32.4.5 port 53212
Oct 21 15:48:29 prd-ubuntu1804-docker-4c-4g-8312 sshd[1521]: Received disconnect from 10.32.4.5 port 53212:11: Closed due to user request. [preauth]
Oct 21 15:48:29 prd-ubuntu1804-docker-4c-4g-8312 sshd[1521]: Disconnected from invalid user jenkins 10.32.4.5 port 53212 [preauth]
Oct 21 15:48:31 prd-ubuntu1804-docker-4c-4g-8312 sshd[1532]: Invalid user jenkins from 10.32.4.5 port 53214
Oct 21 15:48:31 prd-ubuntu1804-docker-4c-4g-8312 sshd[1532]: Received disconnect from 10.32.4.5 port 53214:11: Closed due to user request. [preauth]
Oct 21 15:48:31 prd-ubuntu1804-docker-4c-4g-8312 sshd[1532]: Disconnected from invalid user jenkins 10.32.4.5 port 53214 [preauth]
Oct 21 15:48:33 prd-ubuntu1804-docker-4c-4g-8312 sshd[1744]: Invalid user jenkins from 10.32.4.5 port 53216
Oct 21 15:48:33 prd-ubuntu1804-docker-4c-4g-8312 sshd[1744]: Received disconnect from 10.32.4.5 port 53216:11: Closed due to user request. [preauth]
Oct 21 15:48:33 prd-ubuntu1804-docker-4c-4g-8312 sshd[1744]: Disconnected from invalid user jenkins 10.32.4.5 port 53216 [preauth]
Oct 21 15:48:35 prd-ubuntu1804-docker-4c-4g-8312 sshd[1793]: Invalid user jenkins from 10.32.4.5 port 53218
Oct 21 15:48:36 prd-ubuntu1804-docker-4c-4g-8312 sshd[1793]: Received disconnect from 10.32.4.5 port 53218:11: Closed due to user request. [preauth]
Oct 21 15:48:36 prd-ubuntu1804-docker-4c-4g-8312 sshd[1793]: Disconnected from invalid user jenkins 10.32.4.5 port 53218 [preauth]
Oct 21 15:48:38 prd-ubuntu1804-docker-4c-4g-8312 sshd[1801]: Invalid user jenkins from 10.32.4.5 port 53220
Oct 21 15:48:38 prd-ubuntu1804-docker-4c-4g-8312 sshd[1801]: Received disconnect from 10.32.4.5 port 53220:11: Closed due to user request. [preauth]
Oct 21 15:48:38 prd-ubuntu1804-docker-4c-4g-8312 sshd[1801]: Disconnected from invalid user jenkins 10.32.4.5 port 53220 [preauth]
Oct 21 15:48:39 prd-ubuntu1804-docker-4c-4g-8312 useradd[1817]: new group: name=jenkins, GID=1001
Oct 21 15:48:39 prd-ubuntu1804-docker-4c-4g-8312 useradd[1817]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Oct 21 15:48:39 prd-ubuntu1804-docker-4c-4g-8312 usermod[1824]: add 'jenkins' to group 'docker'
Oct 21 15:48:39 prd-ubuntu1804-docker-4c-4g-8312 usermod[1824]: add 'jenkins' to shadow group 'docker'
Oct 21 15:48:40 prd-ubuntu1804-docker-4c-4g-8312 sshd[1865]: Accepted publickey for jenkins from 10.32.4.5 port 53224 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Oct 21 15:48:40 prd-ubuntu1804-docker-4c-4g-8312 sshd[1865]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Oct 21 15:48:40 prd-ubuntu1804-docker-4c-4g-8312 systemd-logind[1018]: New session 1 of user jenkins.
Oct 21 15:48:40 prd-ubuntu1804-docker-4c-4g-8312 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Oct 21 15:49:02 prd-ubuntu1804-docker-4c-4g-8312 CRON[2401]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 21 15:49:02 prd-ubuntu1804-docker-4c-4g-8312 CRON[2401]: pam_unix(cron:session): session closed for user root
Oct 21 15:50:01 prd-ubuntu1804-docker-4c-4g-8312 CRON[3301]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 21 15:50:01 prd-ubuntu1804-docker-4c-4g-8312 CRON[3301]: pam_unix(cron:session): session closed for user root
Oct 21 15:51:01 prd-ubuntu1804-docker-4c-4g-8312 CRON[7383]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 21 15:51:01 prd-ubuntu1804-docker-4c-4g-8312 CRON[7383]: pam_unix(cron:session): session closed for user root
Oct 21 15:51:15 prd-ubuntu1804-docker-4c-4g-8312 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-helm-docker-verify-all ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Oct 21 15:51:15 prd-ubuntu1804-docker-4c-4g-8312 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)