Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 passwd[934]: password for 'ubuntu' changed by 'root'
Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 systemd-logind[963]: Watching system buttons on /dev/input/event0 (Power Button)
Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 systemd-logind[963]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 systemd-logind[963]: New seat seat0.
Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 sshd[1090]: Server listening on 0.0.0.0 port 22.
Oct  2 03:22:40 prd-ubuntu1804-docker-4c-4g-6541 sshd[1090]: Server listening on :: port 22.
Oct  2 03:22:44 prd-ubuntu1804-docker-4c-4g-6541 sshd[1395]: Did not receive identification string from 10.32.4.5 port 51370
Oct  2 03:22:50 prd-ubuntu1804-docker-4c-4g-6541 sshd[1462]: Invalid user jenkins from 10.32.4.5 port 51374
Oct  2 03:22:50 prd-ubuntu1804-docker-4c-4g-6541 sshd[1462]: Received disconnect from 10.32.4.5 port 51374:11: Closed due to user request. [preauth]
Oct  2 03:22:50 prd-ubuntu1804-docker-4c-4g-6541 sshd[1462]: Disconnected from invalid user jenkins 10.32.4.5 port 51374 [preauth]
Oct  2 03:22:52 prd-ubuntu1804-docker-4c-4g-6541 sshd[1466]: Invalid user jenkins from 10.32.4.5 port 51378
Oct  2 03:22:52 prd-ubuntu1804-docker-4c-4g-6541 sshd[1466]: Received disconnect from 10.32.4.5 port 51378:11: Closed due to user request. [preauth]
Oct  2 03:22:52 prd-ubuntu1804-docker-4c-4g-6541 sshd[1466]: Disconnected from invalid user jenkins 10.32.4.5 port 51378 [preauth]
Oct  2 03:22:54 prd-ubuntu1804-docker-4c-4g-6541 sshd[1468]: Invalid user jenkins from 10.32.4.5 port 51380
Oct  2 03:22:54 prd-ubuntu1804-docker-4c-4g-6541 sshd[1468]: Received disconnect from 10.32.4.5 port 51380:11: Closed due to user request. [preauth]
Oct  2 03:22:54 prd-ubuntu1804-docker-4c-4g-6541 sshd[1468]: Disconnected from invalid user jenkins 10.32.4.5 port 51380 [preauth]
Oct  2 03:22:56 prd-ubuntu1804-docker-4c-4g-6541 sshd[1470]: Invalid user jenkins from 10.32.4.5 port 51382
Oct  2 03:22:56 prd-ubuntu1804-docker-4c-4g-6541 sshd[1470]: Received disconnect from 10.32.4.5 port 51382:11: Closed due to user request. [preauth]
Oct  2 03:22:56 prd-ubuntu1804-docker-4c-4g-6541 sshd[1470]: Disconnected from invalid user jenkins 10.32.4.5 port 51382 [preauth]
Oct  2 03:22:58 prd-ubuntu1804-docker-4c-4g-6541 sshd[1472]: Invalid user jenkins from 10.32.4.5 port 51384
Oct  2 03:22:58 prd-ubuntu1804-docker-4c-4g-6541 sshd[1472]: Received disconnect from 10.32.4.5 port 51384:11: Closed due to user request. [preauth]
Oct  2 03:22:58 prd-ubuntu1804-docker-4c-4g-6541 sshd[1472]: Disconnected from invalid user jenkins 10.32.4.5 port 51384 [preauth]
Oct  2 03:23:01 prd-ubuntu1804-docker-4c-4g-6541 sshd[1474]: Invalid user jenkins from 10.32.4.5 port 51386
Oct  2 03:23:01 prd-ubuntu1804-docker-4c-4g-6541 sshd[1474]: Received disconnect from 10.32.4.5 port 51386:11: Closed due to user request. [preauth]
Oct  2 03:23:01 prd-ubuntu1804-docker-4c-4g-6541 sshd[1474]: Disconnected from invalid user jenkins 10.32.4.5 port 51386 [preauth]
Oct  2 03:23:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[1476]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  2 03:23:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[1476]: pam_unix(cron:session): session closed for user root
Oct  2 03:23:03 prd-ubuntu1804-docker-4c-4g-6541 sshd[1515]: Invalid user jenkins from 10.32.4.5 port 51388
Oct  2 03:23:03 prd-ubuntu1804-docker-4c-4g-6541 sshd[1515]: Received disconnect from 10.32.4.5 port 51388:11: Closed due to user request. [preauth]
Oct  2 03:23:03 prd-ubuntu1804-docker-4c-4g-6541 sshd[1515]: Disconnected from invalid user jenkins 10.32.4.5 port 51388 [preauth]
Oct  2 03:23:05 prd-ubuntu1804-docker-4c-4g-6541 sshd[1728]: Invalid user jenkins from 10.32.4.5 port 51390
Oct  2 03:23:06 prd-ubuntu1804-docker-4c-4g-6541 sshd[1728]: Received disconnect from 10.32.4.5 port 51390:11: Closed due to user request. [preauth]
Oct  2 03:23:06 prd-ubuntu1804-docker-4c-4g-6541 sshd[1728]: Disconnected from invalid user jenkins 10.32.4.5 port 51390 [preauth]
Oct  2 03:23:08 prd-ubuntu1804-docker-4c-4g-6541 sshd[1767]: Invalid user jenkins from 10.32.4.5 port 51392
Oct  2 03:23:08 prd-ubuntu1804-docker-4c-4g-6541 sshd[1767]: Received disconnect from 10.32.4.5 port 51392:11: Closed due to user request. [preauth]
Oct  2 03:23:08 prd-ubuntu1804-docker-4c-4g-6541 sshd[1767]: Disconnected from invalid user jenkins 10.32.4.5 port 51392 [preauth]
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 sshd[1783]: Invalid user jenkins from 10.32.4.5 port 51396
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 sshd[1783]: Received disconnect from 10.32.4.5 port 51396:11: Closed due to user request. [preauth]
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 sshd[1783]: Disconnected from invalid user jenkins 10.32.4.5 port 51396 [preauth]
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 useradd[1787]: new group: name=jenkins, GID=1001
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 useradd[1787]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 usermod[1794]: add 'jenkins' to group 'docker'
Oct  2 03:23:10 prd-ubuntu1804-docker-4c-4g-6541 usermod[1794]: add 'jenkins' to shadow group 'docker'
Oct  2 03:23:12 prd-ubuntu1804-docker-4c-4g-6541 sshd[1828]: Accepted publickey for jenkins from 10.32.4.5 port 51398 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Oct  2 03:23:12 prd-ubuntu1804-docker-4c-4g-6541 sshd[1828]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Oct  2 03:23:12 prd-ubuntu1804-docker-4c-4g-6541 systemd-logind[963]: New session 2 of user jenkins.
Oct  2 03:23:12 prd-ubuntu1804-docker-4c-4g-6541 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Oct  2 03:24:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[2553]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  2 03:24:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[2553]: pam_unix(cron:session): session closed for user root
Oct  2 03:25:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[3409]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  2 03:25:01 prd-ubuntu1804-docker-4c-4g-6541 CRON[3409]: pam_unix(cron:session): session closed for user root
Oct  2 03:25:20 prd-ubuntu1804-docker-4c-4g-6541 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dev-xapp-onboarder-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Oct  2 03:25:20 prd-ubuntu1804-docker-4c-4g-6541 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)