Mar 30 04:51:43 prd-ubuntu1804-docker-4c-4g-109 passwd[908]: password for 'ubuntu' changed by 'root'
Mar 30 04:51:43 prd-ubuntu1804-docker-4c-4g-109 systemd-logind[1040]: Watching system buttons on /dev/input/event0 (Power Button)
Mar 30 04:51:43 prd-ubuntu1804-docker-4c-4g-109 systemd-logind[1040]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Mar 30 04:51:43 prd-ubuntu1804-docker-4c-4g-109 systemd-logind[1040]: New seat seat0.
Mar 30 04:51:44 prd-ubuntu1804-docker-4c-4g-109 sshd[1270]: Server listening on 0.0.0.0 port 22.
Mar 30 04:51:44 prd-ubuntu1804-docker-4c-4g-109 sshd[1270]: Server listening on :: port 22.
Mar 30 04:51:47 prd-ubuntu1804-docker-4c-4g-109 sshd[1503]: Did not receive identification string from 10.32.4.5 port 49082
Mar 30 04:51:56 prd-ubuntu1804-docker-4c-4g-109 sshd[1558]: Invalid user jenkins from 10.32.4.5 port 49086
Mar 30 04:51:56 prd-ubuntu1804-docker-4c-4g-109 sshd[1558]: Received disconnect from 10.32.4.5 port 49086:11: Closed due to user request. [preauth]
Mar 30 04:51:56 prd-ubuntu1804-docker-4c-4g-109 sshd[1558]: Disconnected from invalid user jenkins 10.32.4.5 port 49086 [preauth]
Mar 30 04:51:58 prd-ubuntu1804-docker-4c-4g-109 sshd[1562]: Invalid user jenkins from 10.32.4.5 port 49088
Mar 30 04:51:58 prd-ubuntu1804-docker-4c-4g-109 sshd[1562]: Received disconnect from 10.32.4.5 port 49088:11: Closed due to user request. [preauth]
Mar 30 04:51:58 prd-ubuntu1804-docker-4c-4g-109 sshd[1562]: Disconnected from invalid user jenkins 10.32.4.5 port 49088 [preauth]
Mar 30 04:52:00 prd-ubuntu1804-docker-4c-4g-109 sshd[1564]: Invalid user jenkins from 10.32.4.5 port 49090
Mar 30 04:52:00 prd-ubuntu1804-docker-4c-4g-109 sshd[1564]: Received disconnect from 10.32.4.5 port 49090:11: Closed due to user request. [preauth]
Mar 30 04:52:00 prd-ubuntu1804-docker-4c-4g-109 sshd[1564]: Disconnected from invalid user jenkins 10.32.4.5 port 49090 [preauth]
Mar 30 04:52:01 prd-ubuntu1804-docker-4c-4g-109 CRON[1566]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 30 04:52:01 prd-ubuntu1804-docker-4c-4g-109 CRON[1566]: pam_unix(cron:session): session closed for user root
Mar 30 04:52:02 prd-ubuntu1804-docker-4c-4g-109 sshd[1575]: Invalid user jenkins from 10.32.4.5 port 49092
Mar 30 04:52:02 prd-ubuntu1804-docker-4c-4g-109 sshd[1575]: Received disconnect from 10.32.4.5 port 49092:11: Closed due to user request. [preauth]
Mar 30 04:52:02 prd-ubuntu1804-docker-4c-4g-109 sshd[1575]: Disconnected from invalid user jenkins 10.32.4.5 port 49092 [preauth]
Mar 30 04:52:04 prd-ubuntu1804-docker-4c-4g-109 sshd[1577]: Invalid user jenkins from 10.32.4.5 port 49094
Mar 30 04:52:04 prd-ubuntu1804-docker-4c-4g-109 sshd[1577]: Received disconnect from 10.32.4.5 port 49094:11: Closed due to user request. [preauth]
Mar 30 04:52:04 prd-ubuntu1804-docker-4c-4g-109 sshd[1577]: Disconnected from invalid user jenkins 10.32.4.5 port 49094 [preauth]
Mar 30 04:52:07 prd-ubuntu1804-docker-4c-4g-109 sshd[1744]: Invalid user jenkins from 10.32.4.5 port 49096
Mar 30 04:52:07 prd-ubuntu1804-docker-4c-4g-109 sshd[1744]: Received disconnect from 10.32.4.5 port 49096:11: Closed due to user request. [preauth]
Mar 30 04:52:07 prd-ubuntu1804-docker-4c-4g-109 sshd[1744]: Disconnected from invalid user jenkins 10.32.4.5 port 49096 [preauth]
Mar 30 04:52:09 prd-ubuntu1804-docker-4c-4g-109 sshd[1818]: Invalid user jenkins from 10.32.4.5 port 49100
Mar 30 04:52:09 prd-ubuntu1804-docker-4c-4g-109 sshd[1818]: Received disconnect from 10.32.4.5 port 49100:11: Closed due to user request. [preauth]
Mar 30 04:52:09 prd-ubuntu1804-docker-4c-4g-109 sshd[1818]: Disconnected from invalid user jenkins 10.32.4.5 port 49100 [preauth]
Mar 30 04:52:11 prd-ubuntu1804-docker-4c-4g-109 sshd[1855]: Invalid user jenkins from 10.32.4.5 port 49102
Mar 30 04:52:11 prd-ubuntu1804-docker-4c-4g-109 sshd[1855]: Received disconnect from 10.32.4.5 port 49102:11: Closed due to user request. [preauth]
Mar 30 04:52:11 prd-ubuntu1804-docker-4c-4g-109 sshd[1855]: Disconnected from invalid user jenkins 10.32.4.5 port 49102 [preauth]
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 sshd[1871]: Invalid user jenkins from 10.32.4.5 port 49104
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 sshd[1871]: Received disconnect from 10.32.4.5 port 49104:11: Closed due to user request. [preauth]
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 sshd[1871]: Disconnected from invalid user jenkins 10.32.4.5 port 49104 [preauth]
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 useradd[1875]: new group: name=jenkins, GID=1001
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 useradd[1875]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 usermod[1882]: add 'jenkins' to group 'docker'
Mar 30 04:52:13 prd-ubuntu1804-docker-4c-4g-109 usermod[1882]: add 'jenkins' to shadow group 'docker'
Mar 30 04:52:15 prd-ubuntu1804-docker-4c-4g-109 sshd[1926]: Accepted publickey for jenkins from 10.32.4.5 port 49112 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Mar 30 04:52:15 prd-ubuntu1804-docker-4c-4g-109 sshd[1926]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Mar 30 04:52:15 prd-ubuntu1804-docker-4c-4g-109 systemd-logind[1040]: New session 2 of user jenkins.
Mar 30 04:52:15 prd-ubuntu1804-docker-4c-4g-109 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Mar 30 04:53:02 prd-ubuntu1804-docker-4c-4g-109 CRON[2494]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 30 04:53:02 prd-ubuntu1804-docker-4c-4g-109 CRON[2494]: pam_unix(cron:session): session closed for user root
Mar 30 04:54:01 prd-ubuntu1804-docker-4c-4g-109 CRON[3200]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 30 04:54:01 prd-ubuntu1804-docker-4c-4g-109 CRON[3200]: pam_unix(cron:session): session closed for user root
Mar 30 04:55:01 prd-ubuntu1804-docker-4c-4g-109 CRON[3415]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 30 04:55:01 prd-ubuntu1804-docker-4c-4g-109 CRON[3415]: pam_unix(cron:session): session closed for user root
Mar 30 04:55:23 prd-ubuntu1804-docker-4c-4g-109 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dev-bldr-alpine3-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Mar 30 04:55:23 prd-ubuntu1804-docker-4c-4g-109 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)