Jul 12 09:27:49 prd-ubuntu1804-docker-4c-4g-207 passwd[928]: password for 'ubuntu' changed by 'root'
Jul 12 09:27:50 prd-ubuntu1804-docker-4c-4g-207 systemd-logind[1125]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 12 09:27:50 prd-ubuntu1804-docker-4c-4g-207 systemd-logind[1125]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jul 12 09:27:50 prd-ubuntu1804-docker-4c-4g-207 systemd-logind[1125]: New seat seat0.
Jul 12 09:27:50 prd-ubuntu1804-docker-4c-4g-207 sshd[1299]: Server listening on 0.0.0.0 port 22.
Jul 12 09:27:50 prd-ubuntu1804-docker-4c-4g-207 sshd[1299]: Server listening on :: port 22.
Jul 12 09:27:55 prd-ubuntu1804-docker-4c-4g-207 sshd[1534]: Did not receive identification string from 10.32.4.5 port 36636
Jul 12 09:28:01 prd-ubuntu1804-docker-4c-4g-207 CRON[1552]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 12 09:28:01 prd-ubuntu1804-docker-4c-4g-207 CRON[1552]: pam_unix(cron:session): session closed for user root
Jul 12 09:28:03 prd-ubuntu1804-docker-4c-4g-207 sshd[1562]: Invalid user jenkins from 10.32.4.5 port 36646
Jul 12 09:28:03 prd-ubuntu1804-docker-4c-4g-207 sshd[1562]: Received disconnect from 10.32.4.5 port 36646:11: Closed due to user request. [preauth]
Jul 12 09:28:03 prd-ubuntu1804-docker-4c-4g-207 sshd[1562]: Disconnected from invalid user jenkins 10.32.4.5 port 36646 [preauth]
Jul 12 09:28:05 prd-ubuntu1804-docker-4c-4g-207 sshd[1566]: Invalid user jenkins from 10.32.4.5 port 36648
Jul 12 09:28:05 prd-ubuntu1804-docker-4c-4g-207 sshd[1566]: Received disconnect from 10.32.4.5 port 36648:11: Closed due to user request. [preauth]
Jul 12 09:28:05 prd-ubuntu1804-docker-4c-4g-207 sshd[1566]: Disconnected from invalid user jenkins 10.32.4.5 port 36648 [preauth]
Jul 12 09:28:07 prd-ubuntu1804-docker-4c-4g-207 sshd[1568]: Invalid user jenkins from 10.32.4.5 port 36654
Jul 12 09:28:07 prd-ubuntu1804-docker-4c-4g-207 sshd[1568]: Received disconnect from 10.32.4.5 port 36654:11: Closed due to user request. [preauth]
Jul 12 09:28:07 prd-ubuntu1804-docker-4c-4g-207 sshd[1568]: Disconnected from invalid user jenkins 10.32.4.5 port 36654 [preauth]
Jul 12 09:28:10 prd-ubuntu1804-docker-4c-4g-207 sshd[1578]: Invalid user jenkins from 10.32.4.5 port 36656
Jul 12 09:28:10 prd-ubuntu1804-docker-4c-4g-207 sshd[1578]: Received disconnect from 10.32.4.5 port 36656:11: Closed due to user request. [preauth]
Jul 12 09:28:10 prd-ubuntu1804-docker-4c-4g-207 sshd[1578]: Disconnected from invalid user jenkins 10.32.4.5 port 36656 [preauth]
Jul 12 09:28:12 prd-ubuntu1804-docker-4c-4g-207 sshd[1603]: Invalid user jenkins from 10.32.4.5 port 36658
Jul 12 09:28:12 prd-ubuntu1804-docker-4c-4g-207 sshd[1603]: Received disconnect from 10.32.4.5 port 36658:11: Closed due to user request. [preauth]
Jul 12 09:28:12 prd-ubuntu1804-docker-4c-4g-207 sshd[1603]: Disconnected from invalid user jenkins 10.32.4.5 port 36658 [preauth]
Jul 12 09:28:14 prd-ubuntu1804-docker-4c-4g-207 sshd[1805]: Invalid user jenkins from 10.32.4.5 port 36660
Jul 12 09:28:14 prd-ubuntu1804-docker-4c-4g-207 sshd[1805]: Received disconnect from 10.32.4.5 port 36660:11: Closed due to user request. [preauth]
Jul 12 09:28:14 prd-ubuntu1804-docker-4c-4g-207 sshd[1805]: Disconnected from invalid user jenkins 10.32.4.5 port 36660 [preauth]
Jul 12 09:28:16 prd-ubuntu1804-docker-4c-4g-207 sshd[1841]: Invalid user jenkins from 10.32.4.5 port 36662
Jul 12 09:28:16 prd-ubuntu1804-docker-4c-4g-207 sshd[1841]: Received disconnect from 10.32.4.5 port 36662:11: Closed due to user request. [preauth]
Jul 12 09:28:16 prd-ubuntu1804-docker-4c-4g-207 sshd[1841]: Disconnected from invalid user jenkins 10.32.4.5 port 36662 [preauth]
Jul 12 09:28:18 prd-ubuntu1804-docker-4c-4g-207 sshd[1847]: Invalid user jenkins from 10.32.4.5 port 36664
Jul 12 09:28:18 prd-ubuntu1804-docker-4c-4g-207 sshd[1847]: Received disconnect from 10.32.4.5 port 36664:11: Closed due to user request. [preauth]
Jul 12 09:28:18 prd-ubuntu1804-docker-4c-4g-207 sshd[1847]: Disconnected from invalid user jenkins 10.32.4.5 port 36664 [preauth]
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 useradd[1865]: new group: name=jenkins, GID=1001
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 useradd[1865]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 usermod[1872]: add 'jenkins' to group 'docker'
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 usermod[1872]: add 'jenkins' to shadow group 'docker'
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 sshd[1920]: Accepted publickey for jenkins from 10.32.4.5 port 36668 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 sshd[1920]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 systemd-logind[1125]: New session 2 of user jenkins.
Jul 12 09:28:20 prd-ubuntu1804-docker-4c-4g-207 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jul 12 09:29:01 prd-ubuntu1804-docker-4c-4g-207 CRON[2448]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 12 09:29:01 prd-ubuntu1804-docker-4c-4g-207 CRON[2448]: pam_unix(cron:session): session closed for user root
Jul 12 09:30:01 prd-ubuntu1804-docker-4c-4g-207 CRON[2500]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 12 09:30:01 prd-ubuntu1804-docker-4c-4g-207 CRON[2500]: pam_unix(cron:session): session closed for user root
Jul 12 09:31:01 prd-ubuntu1804-docker-4c-4g-207 CRON[3468]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 12 09:31:01 prd-ubuntu1804-docker-4c-4g-207 CRON[3468]: pam_unix(cron:session): session closed for user root
Jul 12 09:31:26 prd-ubuntu1804-docker-4c-4g-207 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dev-bldr-alpine3-rmr-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jul 12 09:31:26 prd-ubuntu1804-docker-4c-4g-207 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)