Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 passwd[926]: password for 'ubuntu' changed by 'root'
Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 systemd-logind[980]: Watching system buttons on /dev/input/event0 (Power Button)
Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 systemd-logind[980]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 systemd-logind[980]: New seat seat0.
Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 sshd[1086]: Server listening on 0.0.0.0 port 22.
Jan  1 20:58:24 prd-ubuntu1804-docker-4c-4g-2229 sshd[1086]: Server listening on :: port 22.
Jan  1 20:58:27 prd-ubuntu1804-docker-4c-4g-2229 sshd[1386]: Did not receive identification string from 10.32.4.5 port 41580
Jan  1 20:58:31 prd-ubuntu1804-docker-4c-4g-2229 sshd[1439]: Invalid user jenkins from 10.32.4.5 port 41588
Jan  1 20:58:31 prd-ubuntu1804-docker-4c-4g-2229 sshd[1439]: Received disconnect from 10.32.4.5 port 41588:11: Closed due to user request. [preauth]
Jan  1 20:58:31 prd-ubuntu1804-docker-4c-4g-2229 sshd[1439]: Disconnected from invalid user jenkins 10.32.4.5 port 41588 [preauth]
Jan  1 20:58:33 prd-ubuntu1804-docker-4c-4g-2229 sshd[1457]: Invalid user jenkins from 10.32.4.5 port 41590
Jan  1 20:58:33 prd-ubuntu1804-docker-4c-4g-2229 sshd[1457]: Received disconnect from 10.32.4.5 port 41590:11: Closed due to user request. [preauth]
Jan  1 20:58:33 prd-ubuntu1804-docker-4c-4g-2229 sshd[1457]: Disconnected from invalid user jenkins 10.32.4.5 port 41590 [preauth]
Jan  1 20:58:35 prd-ubuntu1804-docker-4c-4g-2229 sshd[1459]: Invalid user jenkins from 10.32.4.5 port 41594
Jan  1 20:58:35 prd-ubuntu1804-docker-4c-4g-2229 sshd[1459]: Received disconnect from 10.32.4.5 port 41594:11: Closed due to user request. [preauth]
Jan  1 20:58:35 prd-ubuntu1804-docker-4c-4g-2229 sshd[1459]: Disconnected from invalid user jenkins 10.32.4.5 port 41594 [preauth]
Jan  1 20:58:37 prd-ubuntu1804-docker-4c-4g-2229 sshd[1461]: Invalid user jenkins from 10.32.4.5 port 41598
Jan  1 20:58:37 prd-ubuntu1804-docker-4c-4g-2229 sshd[1461]: Received disconnect from 10.32.4.5 port 41598:11: Closed due to user request. [preauth]
Jan  1 20:58:37 prd-ubuntu1804-docker-4c-4g-2229 sshd[1461]: Disconnected from invalid user jenkins 10.32.4.5 port 41598 [preauth]
Jan  1 20:58:39 prd-ubuntu1804-docker-4c-4g-2229 sshd[1463]: Invalid user jenkins from 10.32.4.5 port 41600
Jan  1 20:58:39 prd-ubuntu1804-docker-4c-4g-2229 sshd[1463]: Received disconnect from 10.32.4.5 port 41600:11: Closed due to user request. [preauth]
Jan  1 20:58:39 prd-ubuntu1804-docker-4c-4g-2229 sshd[1463]: Disconnected from invalid user jenkins 10.32.4.5 port 41600 [preauth]
Jan  1 20:58:42 prd-ubuntu1804-docker-4c-4g-2229 sshd[1465]: Invalid user jenkins from 10.32.4.5 port 41602
Jan  1 20:58:42 prd-ubuntu1804-docker-4c-4g-2229 sshd[1465]: Received disconnect from 10.32.4.5 port 41602:11: Closed due to user request. [preauth]
Jan  1 20:58:42 prd-ubuntu1804-docker-4c-4g-2229 sshd[1465]: Disconnected from invalid user jenkins 10.32.4.5 port 41602 [preauth]
Jan  1 20:58:44 prd-ubuntu1804-docker-4c-4g-2229 sshd[1467]: Invalid user jenkins from 10.32.4.5 port 41604
Jan  1 20:58:44 prd-ubuntu1804-docker-4c-4g-2229 sshd[1467]: Received disconnect from 10.32.4.5 port 41604:11: Closed due to user request. [preauth]
Jan  1 20:58:44 prd-ubuntu1804-docker-4c-4g-2229 sshd[1467]: Disconnected from invalid user jenkins 10.32.4.5 port 41604 [preauth]
Jan  1 20:58:46 prd-ubuntu1804-docker-4c-4g-2229 sshd[1478]: Invalid user jenkins from 10.32.4.5 port 41606
Jan  1 20:58:46 prd-ubuntu1804-docker-4c-4g-2229 sshd[1478]: Received disconnect from 10.32.4.5 port 41606:11: Closed due to user request. [preauth]
Jan  1 20:58:46 prd-ubuntu1804-docker-4c-4g-2229 sshd[1478]: Disconnected from invalid user jenkins 10.32.4.5 port 41606 [preauth]
Jan  1 20:58:49 prd-ubuntu1804-docker-4c-4g-2229 sshd[1686]: Invalid user jenkins from 10.32.4.5 port 41610
Jan  1 20:58:49 prd-ubuntu1804-docker-4c-4g-2229 sshd[1686]: Received disconnect from 10.32.4.5 port 41610:11: Closed due to user request. [preauth]
Jan  1 20:58:49 prd-ubuntu1804-docker-4c-4g-2229 sshd[1686]: Disconnected from invalid user jenkins 10.32.4.5 port 41610 [preauth]
Jan  1 20:58:51 prd-ubuntu1804-docker-4c-4g-2229 sshd[1750]: Invalid user jenkins from 10.32.4.5 port 41618
Jan  1 20:58:51 prd-ubuntu1804-docker-4c-4g-2229 sshd[1750]: Received disconnect from 10.32.4.5 port 41618:11: Closed due to user request. [preauth]
Jan  1 20:58:51 prd-ubuntu1804-docker-4c-4g-2229 sshd[1750]: Disconnected from invalid user jenkins 10.32.4.5 port 41618 [preauth]
Jan  1 20:58:53 prd-ubuntu1804-docker-4c-4g-2229 sshd[1768]: Invalid user jenkins from 10.32.4.5 port 41622
Jan  1 20:58:53 prd-ubuntu1804-docker-4c-4g-2229 sshd[1768]: Received disconnect from 10.32.4.5 port 41622:11: Closed due to user request. [preauth]
Jan  1 20:58:53 prd-ubuntu1804-docker-4c-4g-2229 sshd[1768]: Disconnected from invalid user jenkins 10.32.4.5 port 41622 [preauth]
Jan  1 20:58:55 prd-ubuntu1804-docker-4c-4g-2229 sshd[1772]: Invalid user jenkins from 10.32.4.5 port 41624
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 sshd[1772]: Received disconnect from 10.32.4.5 port 41624:11: Closed due to user request. [preauth]
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 sshd[1772]: Disconnected from invalid user jenkins 10.32.4.5 port 41624 [preauth]
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 useradd[1788]: new group: name=jenkins, GID=1001
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 useradd[1788]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 usermod[1804]: add 'jenkins' to group 'docker'
Jan  1 20:58:56 prd-ubuntu1804-docker-4c-4g-2229 usermod[1804]: add 'jenkins' to shadow group 'docker'
Jan  1 20:58:58 prd-ubuntu1804-docker-4c-4g-2229 sshd[1857]: Accepted publickey for jenkins from 10.32.4.5 port 41628 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jan  1 20:58:58 prd-ubuntu1804-docker-4c-4g-2229 sshd[1857]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jan  1 20:58:58 prd-ubuntu1804-docker-4c-4g-2229 systemd-logind[980]: New session 1 of user jenkins.
Jan  1 20:58:58 prd-ubuntu1804-docker-4c-4g-2229 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jan  1 20:59:02 prd-ubuntu1804-docker-4c-4g-2229 CRON[2054]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 20:59:02 prd-ubuntu1804-docker-4c-4g-2229 CRON[2054]: pam_unix(cron:session): session closed for user root
Jan  1 21:00:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[2706]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 21:00:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[2706]: pam_unix(cron:session): session closed for user root
Jan  1 21:01:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[2772]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 21:01:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[2772]: pam_unix(cron:session): session closed for user root
Jan  1 21:02:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[3727]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 21:02:01 prd-ubuntu1804-docker-4c-4g-2229 CRON[3727]: pam_unix(cron:session): session closed for user root
Jan  1 21:02:13 prd-ubuntu1804-docker-4c-4g-2229 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dep-secret-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jan  1 21:02:13 prd-ubuntu1804-docker-4c-4g-2229 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)