Jan 16 20:57:40 prd-ubuntu1804-docker-4c-4g-2038 passwd[933]: password for 'ubuntu' changed by 'root'
Jan 16 20:57:40 prd-ubuntu1804-docker-4c-4g-2038 systemd-logind[977]: Watching system buttons on /dev/input/event0 (Power Button)
Jan 16 20:57:40 prd-ubuntu1804-docker-4c-4g-2038 systemd-logind[977]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jan 16 20:57:40 prd-ubuntu1804-docker-4c-4g-2038 systemd-logind[977]: New seat seat0.
Jan 16 20:57:41 prd-ubuntu1804-docker-4c-4g-2038 sshd[1265]: Server listening on 0.0.0.0 port 22.
Jan 16 20:57:41 prd-ubuntu1804-docker-4c-4g-2038 sshd[1265]: Server listening on :: port 22.
Jan 16 20:57:45 prd-ubuntu1804-docker-4c-4g-2038 sshd[1468]: Did not receive identification string from 10.32.4.5 port 38960
Jan 16 20:57:47 prd-ubuntu1804-docker-4c-4g-2038 sshd[1509]: Invalid user jenkins from 10.32.4.5 port 38962
Jan 16 20:57:47 prd-ubuntu1804-docker-4c-4g-2038 sshd[1509]: Received disconnect from 10.32.4.5 port 38962:11: Closed due to user request. [preauth]
Jan 16 20:57:47 prd-ubuntu1804-docker-4c-4g-2038 sshd[1509]: Disconnected from invalid user jenkins 10.32.4.5 port 38962 [preauth]
Jan 16 20:57:50 prd-ubuntu1804-docker-4c-4g-2038 sshd[1528]: Invalid user jenkins from 10.32.4.5 port 38964
Jan 16 20:57:50 prd-ubuntu1804-docker-4c-4g-2038 sshd[1528]: Received disconnect from 10.32.4.5 port 38964:11: Closed due to user request. [preauth]
Jan 16 20:57:50 prd-ubuntu1804-docker-4c-4g-2038 sshd[1528]: Disconnected from invalid user jenkins 10.32.4.5 port 38964 [preauth]
Jan 16 20:57:52 prd-ubuntu1804-docker-4c-4g-2038 sshd[1530]: Invalid user jenkins from 10.32.4.5 port 38972
Jan 16 20:57:52 prd-ubuntu1804-docker-4c-4g-2038 sshd[1530]: Received disconnect from 10.32.4.5 port 38972:11: Closed due to user request. [preauth]
Jan 16 20:57:52 prd-ubuntu1804-docker-4c-4g-2038 sshd[1530]: Disconnected from invalid user jenkins 10.32.4.5 port 38972 [preauth]
Jan 16 20:57:54 prd-ubuntu1804-docker-4c-4g-2038 sshd[1532]: Invalid user jenkins from 10.32.4.5 port 38974
Jan 16 20:57:54 prd-ubuntu1804-docker-4c-4g-2038 sshd[1532]: Received disconnect from 10.32.4.5 port 38974:11: Closed due to user request. [preauth]
Jan 16 20:57:54 prd-ubuntu1804-docker-4c-4g-2038 sshd[1532]: Disconnected from invalid user jenkins 10.32.4.5 port 38974 [preauth]
Jan 16 20:57:56 prd-ubuntu1804-docker-4c-4g-2038 sshd[1534]: Invalid user jenkins from 10.32.4.5 port 38976
Jan 16 20:57:56 prd-ubuntu1804-docker-4c-4g-2038 sshd[1534]: Received disconnect from 10.32.4.5 port 38976:11: Closed due to user request. [preauth]
Jan 16 20:57:56 prd-ubuntu1804-docker-4c-4g-2038 sshd[1534]: Disconnected from invalid user jenkins 10.32.4.5 port 38976 [preauth]
Jan 16 20:57:58 prd-ubuntu1804-docker-4c-4g-2038 sshd[1536]: Invalid user jenkins from 10.32.4.5 port 38978
Jan 16 20:57:58 prd-ubuntu1804-docker-4c-4g-2038 sshd[1536]: Received disconnect from 10.32.4.5 port 38978:11: Closed due to user request. [preauth]
Jan 16 20:57:58 prd-ubuntu1804-docker-4c-4g-2038 sshd[1536]: Disconnected from invalid user jenkins 10.32.4.5 port 38978 [preauth]
Jan 16 20:58:00 prd-ubuntu1804-docker-4c-4g-2038 sshd[1538]: Invalid user jenkins from 10.32.4.5 port 38982
Jan 16 20:58:00 prd-ubuntu1804-docker-4c-4g-2038 sshd[1538]: Received disconnect from 10.32.4.5 port 38982:11: Closed due to user request. [preauth]
Jan 16 20:58:00 prd-ubuntu1804-docker-4c-4g-2038 sshd[1538]: Disconnected from invalid user jenkins 10.32.4.5 port 38982 [preauth]
Jan 16 20:58:01 prd-ubuntu1804-docker-4c-4g-2038 CRON[1540]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 16 20:58:01 prd-ubuntu1804-docker-4c-4g-2038 CRON[1540]: pam_unix(cron:session): session closed for user root
Jan 16 20:58:02 prd-ubuntu1804-docker-4c-4g-2038 sshd[1558]: Invalid user jenkins from 10.32.4.5 port 38984
Jan 16 20:58:02 prd-ubuntu1804-docker-4c-4g-2038 sshd[1558]: Received disconnect from 10.32.4.5 port 38984:11: Closed due to user request. [preauth]
Jan 16 20:58:02 prd-ubuntu1804-docker-4c-4g-2038 sshd[1558]: Disconnected from invalid user jenkins 10.32.4.5 port 38984 [preauth]
Jan 16 20:58:05 prd-ubuntu1804-docker-4c-4g-2038 sshd[1766]: Invalid user jenkins from 10.32.4.5 port 38986
Jan 16 20:58:05 prd-ubuntu1804-docker-4c-4g-2038 sshd[1766]: Received disconnect from 10.32.4.5 port 38986:11: Closed due to user request. [preauth]
Jan 16 20:58:05 prd-ubuntu1804-docker-4c-4g-2038 sshd[1766]: Disconnected from invalid user jenkins 10.32.4.5 port 38986 [preauth]
Jan 16 20:58:07 prd-ubuntu1804-docker-4c-4g-2038 sshd[1820]: Invalid user jenkins from 10.32.4.5 port 38988
Jan 16 20:58:07 prd-ubuntu1804-docker-4c-4g-2038 sshd[1820]: Received disconnect from 10.32.4.5 port 38988:11: Closed due to user request. [preauth]
Jan 16 20:58:07 prd-ubuntu1804-docker-4c-4g-2038 sshd[1820]: Disconnected from invalid user jenkins 10.32.4.5 port 38988 [preauth]
Jan 16 20:58:09 prd-ubuntu1804-docker-4c-4g-2038 sshd[1827]: Invalid user jenkins from 10.32.4.5 port 38990
Jan 16 20:58:09 prd-ubuntu1804-docker-4c-4g-2038 sshd[1827]: Received disconnect from 10.32.4.5 port 38990:11: Closed due to user request. [preauth]
Jan 16 20:58:09 prd-ubuntu1804-docker-4c-4g-2038 sshd[1827]: Disconnected from invalid user jenkins 10.32.4.5 port 38990 [preauth]
Jan 16 20:58:10 prd-ubuntu1804-docker-4c-4g-2038 useradd[1843]: new group: name=jenkins, GID=1001
Jan 16 20:58:10 prd-ubuntu1804-docker-4c-4g-2038 useradd[1843]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jan 16 20:58:10 prd-ubuntu1804-docker-4c-4g-2038 usermod[1850]: add 'jenkins' to group 'docker'
Jan 16 20:58:10 prd-ubuntu1804-docker-4c-4g-2038 usermod[1850]: add 'jenkins' to shadow group 'docker'
Jan 16 20:58:11 prd-ubuntu1804-docker-4c-4g-2038 sshd[1884]: Accepted publickey for jenkins from 10.32.4.5 port 38992 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jan 16 20:58:11 prd-ubuntu1804-docker-4c-4g-2038 sshd[1884]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jan 16 20:58:11 prd-ubuntu1804-docker-4c-4g-2038 systemd-logind[977]: New session 2 of user jenkins.
Jan 16 20:58:11 prd-ubuntu1804-docker-4c-4g-2038 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jan 16 20:59:02 prd-ubuntu1804-docker-4c-4g-2038 CRON[2825]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 16 20:59:02 prd-ubuntu1804-docker-4c-4g-2038 CRON[2825]: pam_unix(cron:session): session closed for user root
Jan 16 21:00:01 prd-ubuntu1804-docker-4c-4g-2038 CRON[3808]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 16 21:00:01 prd-ubuntu1804-docker-4c-4g-2038 CRON[3808]: pam_unix(cron:session): session closed for user root
Jan 16 21:00:04 prd-ubuntu1804-docker-4c-4g-2038 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-secret-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jan 16 21:00:04 prd-ubuntu1804-docker-4c-4g-2038 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)