Aug 21 03:22:41 prd-ubuntu1804-docker-4c-4g-3001 passwd[927]: password for 'ubuntu' changed by 'root'
Aug 21 03:22:41 prd-ubuntu1804-docker-4c-4g-3001 systemd-logind[1000]: Watching system buttons on /dev/input/event0 (Power Button)
Aug 21 03:22:41 prd-ubuntu1804-docker-4c-4g-3001 systemd-logind[1000]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Aug 21 03:22:41 prd-ubuntu1804-docker-4c-4g-3001 systemd-logind[1000]: New seat seat0.
Aug 21 03:22:42 prd-ubuntu1804-docker-4c-4g-3001 sshd[1095]: Server listening on 0.0.0.0 port 22.
Aug 21 03:22:42 prd-ubuntu1804-docker-4c-4g-3001 sshd[1095]: Server listening on :: port 22.
Aug 21 03:22:46 prd-ubuntu1804-docker-4c-4g-3001 sshd[1428]: Did not receive identification string from 10.32.4.5 port 45218
Aug 21 03:22:50 prd-ubuntu1804-docker-4c-4g-3001 sshd[1495]: Invalid user jenkins from 10.32.4.5 port 45220
Aug 21 03:22:51 prd-ubuntu1804-docker-4c-4g-3001 sshd[1495]: Received disconnect from 10.32.4.5 port 45220:11: Closed due to user request. [preauth]
Aug 21 03:22:51 prd-ubuntu1804-docker-4c-4g-3001 sshd[1495]: Disconnected from invalid user jenkins 10.32.4.5 port 45220 [preauth]
Aug 21 03:22:53 prd-ubuntu1804-docker-4c-4g-3001 sshd[1499]: Invalid user jenkins from 10.32.4.5 port 45224
Aug 21 03:22:53 prd-ubuntu1804-docker-4c-4g-3001 sshd[1499]: Received disconnect from 10.32.4.5 port 45224:11: Closed due to user request. [preauth]
Aug 21 03:22:53 prd-ubuntu1804-docker-4c-4g-3001 sshd[1499]: Disconnected from invalid user jenkins 10.32.4.5 port 45224 [preauth]
Aug 21 03:22:55 prd-ubuntu1804-docker-4c-4g-3001 sshd[1501]: Invalid user jenkins from 10.32.4.5 port 45226
Aug 21 03:22:55 prd-ubuntu1804-docker-4c-4g-3001 sshd[1501]: Received disconnect from 10.32.4.5 port 45226:11: Closed due to user request. [preauth]
Aug 21 03:22:55 prd-ubuntu1804-docker-4c-4g-3001 sshd[1501]: Disconnected from invalid user jenkins 10.32.4.5 port 45226 [preauth]
Aug 21 03:22:57 prd-ubuntu1804-docker-4c-4g-3001 sshd[1503]: Invalid user jenkins from 10.32.4.5 port 45228
Aug 21 03:22:57 prd-ubuntu1804-docker-4c-4g-3001 sshd[1503]: Received disconnect from 10.32.4.5 port 45228:11: Closed due to user request. [preauth]
Aug 21 03:22:57 prd-ubuntu1804-docker-4c-4g-3001 sshd[1503]: Disconnected from invalid user jenkins 10.32.4.5 port 45228 [preauth]
Aug 21 03:22:59 prd-ubuntu1804-docker-4c-4g-3001 sshd[1505]: Invalid user jenkins from 10.32.4.5 port 45232
Aug 21 03:22:59 prd-ubuntu1804-docker-4c-4g-3001 sshd[1505]: Received disconnect from 10.32.4.5 port 45232:11: Closed due to user request. [preauth]
Aug 21 03:22:59 prd-ubuntu1804-docker-4c-4g-3001 sshd[1505]: Disconnected from invalid user jenkins 10.32.4.5 port 45232 [preauth]
Aug 21 03:23:01 prd-ubuntu1804-docker-4c-4g-3001 sshd[1507]: Invalid user jenkins from 10.32.4.5 port 45234
Aug 21 03:23:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[1509]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 21 03:23:01 prd-ubuntu1804-docker-4c-4g-3001 sshd[1507]: Received disconnect from 10.32.4.5 port 45234:11: Closed due to user request. [preauth]
Aug 21 03:23:01 prd-ubuntu1804-docker-4c-4g-3001 sshd[1507]: Disconnected from invalid user jenkins 10.32.4.5 port 45234 [preauth]
Aug 21 03:23:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[1509]: pam_unix(cron:session): session closed for user root
Aug 21 03:23:03 prd-ubuntu1804-docker-4c-4g-3001 sshd[1527]: Invalid user jenkins from 10.32.4.5 port 45236
Aug 21 03:23:03 prd-ubuntu1804-docker-4c-4g-3001 sshd[1527]: Received disconnect from 10.32.4.5 port 45236:11: Closed due to user request. [preauth]
Aug 21 03:23:03 prd-ubuntu1804-docker-4c-4g-3001 sshd[1527]: Disconnected from invalid user jenkins 10.32.4.5 port 45236 [preauth]
Aug 21 03:23:05 prd-ubuntu1804-docker-4c-4g-3001 sshd[1741]: Invalid user jenkins from 10.32.4.5 port 45238
Aug 21 03:23:05 prd-ubuntu1804-docker-4c-4g-3001 sshd[1741]: Received disconnect from 10.32.4.5 port 45238:11: Closed due to user request. [preauth]
Aug 21 03:23:05 prd-ubuntu1804-docker-4c-4g-3001 sshd[1741]: Disconnected from invalid user jenkins 10.32.4.5 port 45238 [preauth]
Aug 21 03:23:07 prd-ubuntu1804-docker-4c-4g-3001 sshd[1788]: Invalid user jenkins from 10.32.4.5 port 45240
Aug 21 03:23:07 prd-ubuntu1804-docker-4c-4g-3001 sshd[1788]: Received disconnect from 10.32.4.5 port 45240:11: Closed due to user request. [preauth]
Aug 21 03:23:07 prd-ubuntu1804-docker-4c-4g-3001 sshd[1788]: Disconnected from invalid user jenkins 10.32.4.5 port 45240 [preauth]
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 sshd[1795]: Invalid user jenkins from 10.32.4.5 port 45244
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 sshd[1795]: Received disconnect from 10.32.4.5 port 45244:11: Closed due to user request. [preauth]
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 sshd[1795]: Disconnected from invalid user jenkins 10.32.4.5 port 45244 [preauth]
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 useradd[1811]: new group: name=jenkins, GID=1001
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 useradd[1811]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 usermod[1818]: add 'jenkins' to group 'docker'
Aug 21 03:23:10 prd-ubuntu1804-docker-4c-4g-3001 usermod[1818]: add 'jenkins' to shadow group 'docker'
Aug 21 03:23:12 prd-ubuntu1804-docker-4c-4g-3001 sshd[1852]: Accepted publickey for jenkins from 10.32.4.5 port 45246 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Aug 21 03:23:12 prd-ubuntu1804-docker-4c-4g-3001 sshd[1852]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Aug 21 03:23:12 prd-ubuntu1804-docker-4c-4g-3001 systemd-logind[1000]: New session 2 of user jenkins.
Aug 21 03:23:12 prd-ubuntu1804-docker-4c-4g-3001 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Aug 21 03:24:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[2578]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 21 03:24:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[2578]: pam_unix(cron:session): session closed for user root
Aug 21 03:25:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[3425]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 21 03:25:01 prd-ubuntu1804-docker-4c-4g-3001 CRON[3425]: pam_unix(cron:session): session closed for user root
Aug 21 03:25:12 prd-ubuntu1804-docker-4c-4g-3001 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dev-xapp-onboarder-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Aug 21 03:25:12 prd-ubuntu1804-docker-4c-4g-3001 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)