Jul  3 20:58:03 prd-ubuntu1804-docker-4c-4g-4788 passwd[928]: password for 'ubuntu' changed by 'root'
Jul  3 20:58:04 prd-ubuntu1804-docker-4c-4g-4788 systemd-logind[1035]: Watching system buttons on /dev/input/event0 (Power Button)
Jul  3 20:58:04 prd-ubuntu1804-docker-4c-4g-4788 systemd-logind[1035]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jul  3 20:58:04 prd-ubuntu1804-docker-4c-4g-4788 systemd-logind[1035]: New seat seat0.
Jul  3 20:58:04 prd-ubuntu1804-docker-4c-4g-4788 sshd[1255]: Server listening on 0.0.0.0 port 22.
Jul  3 20:58:04 prd-ubuntu1804-docker-4c-4g-4788 sshd[1255]: Server listening on :: port 22.
Jul  3 20:58:05 prd-ubuntu1804-docker-4c-4g-4788 sshd[1300]: Did not receive identification string from 10.32.4.5 port 46918
Jul  3 20:58:15 prd-ubuntu1804-docker-4c-4g-4788 sshd[1538]: Invalid user jenkins from 10.32.4.5 port 46926
Jul  3 20:58:15 prd-ubuntu1804-docker-4c-4g-4788 sshd[1538]: Received disconnect from 10.32.4.5 port 46926:11: Closed due to user request. [preauth]
Jul  3 20:58:15 prd-ubuntu1804-docker-4c-4g-4788 sshd[1538]: Disconnected from invalid user jenkins 10.32.4.5 port 46926 [preauth]
Jul  3 20:58:17 prd-ubuntu1804-docker-4c-4g-4788 sshd[1542]: Invalid user jenkins from 10.32.4.5 port 46928
Jul  3 20:58:17 prd-ubuntu1804-docker-4c-4g-4788 sshd[1542]: Received disconnect from 10.32.4.5 port 46928:11: Closed due to user request. [preauth]
Jul  3 20:58:17 prd-ubuntu1804-docker-4c-4g-4788 sshd[1542]: Disconnected from invalid user jenkins 10.32.4.5 port 46928 [preauth]
Jul  3 20:58:19 prd-ubuntu1804-docker-4c-4g-4788 sshd[1544]: Invalid user jenkins from 10.32.4.5 port 46932
Jul  3 20:58:19 prd-ubuntu1804-docker-4c-4g-4788 sshd[1544]: Received disconnect from 10.32.4.5 port 46932:11: Closed due to user request. [preauth]
Jul  3 20:58:19 prd-ubuntu1804-docker-4c-4g-4788 sshd[1544]: Disconnected from invalid user jenkins 10.32.4.5 port 46932 [preauth]
Jul  3 20:58:21 prd-ubuntu1804-docker-4c-4g-4788 sshd[1546]: Invalid user jenkins from 10.32.4.5 port 46934
Jul  3 20:58:21 prd-ubuntu1804-docker-4c-4g-4788 sshd[1546]: Received disconnect from 10.32.4.5 port 46934:11: Closed due to user request. [preauth]
Jul  3 20:58:21 prd-ubuntu1804-docker-4c-4g-4788 sshd[1546]: Disconnected from invalid user jenkins 10.32.4.5 port 46934 [preauth]
Jul  3 20:58:23 prd-ubuntu1804-docker-4c-4g-4788 sshd[1548]: Invalid user jenkins from 10.32.4.5 port 46936
Jul  3 20:58:23 prd-ubuntu1804-docker-4c-4g-4788 sshd[1548]: Received disconnect from 10.32.4.5 port 46936:11: Closed due to user request. [preauth]
Jul  3 20:58:23 prd-ubuntu1804-docker-4c-4g-4788 sshd[1548]: Disconnected from invalid user jenkins 10.32.4.5 port 46936 [preauth]
Jul  3 20:58:25 prd-ubuntu1804-docker-4c-4g-4788 sshd[1560]: Invalid user jenkins from 10.32.4.5 port 46938
Jul  3 20:58:25 prd-ubuntu1804-docker-4c-4g-4788 sshd[1560]: Received disconnect from 10.32.4.5 port 46938:11: Closed due to user request. [preauth]
Jul  3 20:58:25 prd-ubuntu1804-docker-4c-4g-4788 sshd[1560]: Disconnected from invalid user jenkins 10.32.4.5 port 46938 [preauth]
Jul  3 20:58:28 prd-ubuntu1804-docker-4c-4g-4788 sshd[1762]: Invalid user jenkins from 10.32.4.5 port 46940
Jul  3 20:58:28 prd-ubuntu1804-docker-4c-4g-4788 sshd[1762]: Received disconnect from 10.32.4.5 port 46940:11: Closed due to user request. [preauth]
Jul  3 20:58:28 prd-ubuntu1804-docker-4c-4g-4788 sshd[1762]: Disconnected from invalid user jenkins 10.32.4.5 port 46940 [preauth]
Jul  3 20:58:30 prd-ubuntu1804-docker-4c-4g-4788 sshd[1809]: Invalid user jenkins from 10.32.4.5 port 46942
Jul  3 20:58:30 prd-ubuntu1804-docker-4c-4g-4788 sshd[1809]: Received disconnect from 10.32.4.5 port 46942:11: Closed due to user request. [preauth]
Jul  3 20:58:30 prd-ubuntu1804-docker-4c-4g-4788 sshd[1809]: Disconnected from invalid user jenkins 10.32.4.5 port 46942 [preauth]
Jul  3 20:58:33 prd-ubuntu1804-docker-4c-4g-4788 sshd[1827]: Invalid user jenkins from 10.32.4.5 port 46944
Jul  3 20:58:33 prd-ubuntu1804-docker-4c-4g-4788 sshd[1827]: Received disconnect from 10.32.4.5 port 46944:11: Closed due to user request. [preauth]
Jul  3 20:58:33 prd-ubuntu1804-docker-4c-4g-4788 sshd[1827]: Disconnected from invalid user jenkins 10.32.4.5 port 46944 [preauth]
Jul  3 20:58:35 prd-ubuntu1804-docker-4c-4g-4788 sshd[1831]: Invalid user jenkins from 10.32.4.5 port 46948
Jul  3 20:58:35 prd-ubuntu1804-docker-4c-4g-4788 sshd[1831]: Received disconnect from 10.32.4.5 port 46948:11: Closed due to user request. [preauth]
Jul  3 20:58:35 prd-ubuntu1804-docker-4c-4g-4788 sshd[1831]: Disconnected from invalid user jenkins 10.32.4.5 port 46948 [preauth]
Jul  3 20:58:36 prd-ubuntu1804-docker-4c-4g-4788 useradd[1856]: new group: name=jenkins, GID=1001
Jul  3 20:58:36 prd-ubuntu1804-docker-4c-4g-4788 useradd[1856]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jul  3 20:58:36 prd-ubuntu1804-docker-4c-4g-4788 usermod[1864]: add 'jenkins' to group 'docker'
Jul  3 20:58:36 prd-ubuntu1804-docker-4c-4g-4788 usermod[1864]: add 'jenkins' to shadow group 'docker'
Jul  3 20:58:37 prd-ubuntu1804-docker-4c-4g-4788 sshd[1898]: Accepted publickey for jenkins from 10.32.4.5 port 46950 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jul  3 20:58:37 prd-ubuntu1804-docker-4c-4g-4788 sshd[1898]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jul  3 20:58:37 prd-ubuntu1804-docker-4c-4g-4788 systemd-logind[1035]: New session 1 of user jenkins.
Jul  3 20:58:37 prd-ubuntu1804-docker-4c-4g-4788 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jul  3 20:59:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[2574]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul  3 20:59:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[2574]: pam_unix(cron:session): session closed for user root
Jul  3 21:00:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[2847]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul  3 21:00:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[2847]: pam_unix(cron:session): session closed for user root
Jul  3 21:01:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[3645]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul  3 21:01:01 prd-ubuntu1804-docker-4c-4g-4788 CRON[3645]: pam_unix(cron:session): session closed for user root
Jul  3 21:01:38 prd-ubuntu1804-docker-4c-4g-4788 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-secret-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jul  3 21:01:38 prd-ubuntu1804-docker-4c-4g-4788 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)