Jan  1 03:22:46 prd-ubuntu1804-docker-4c-4g-626 passwd[926]: password for 'ubuntu' changed by 'root'
Jan  1 03:22:46 prd-ubuntu1804-docker-4c-4g-626 systemd-logind[988]: Watching system buttons on /dev/input/event0 (Power Button)
Jan  1 03:22:46 prd-ubuntu1804-docker-4c-4g-626 systemd-logind[988]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jan  1 03:22:46 prd-ubuntu1804-docker-4c-4g-626 systemd-logind[988]: New seat seat0.
Jan  1 03:22:47 prd-ubuntu1804-docker-4c-4g-626 sshd[1237]: Server listening on 0.0.0.0 port 22.
Jan  1 03:22:47 prd-ubuntu1804-docker-4c-4g-626 sshd[1237]: Server listening on :: port 22.
Jan  1 03:22:50 prd-ubuntu1804-docker-4c-4g-626 sshd[1435]: Did not receive identification string from 10.32.4.5 port 56070
Jan  1 03:22:58 prd-ubuntu1804-docker-4c-4g-626 sshd[1492]: Invalid user jenkins from 10.32.4.5 port 56078
Jan  1 03:22:58 prd-ubuntu1804-docker-4c-4g-626 sshd[1492]: Received disconnect from 10.32.4.5 port 56078:11: Closed due to user request. [preauth]
Jan  1 03:22:58 prd-ubuntu1804-docker-4c-4g-626 sshd[1492]: Disconnected from invalid user jenkins 10.32.4.5 port 56078 [preauth]
Jan  1 03:23:00 prd-ubuntu1804-docker-4c-4g-626 sshd[1496]: Invalid user jenkins from 10.32.4.5 port 56082
Jan  1 03:23:00 prd-ubuntu1804-docker-4c-4g-626 sshd[1496]: Received disconnect from 10.32.4.5 port 56082:11: Closed due to user request. [preauth]
Jan  1 03:23:00 prd-ubuntu1804-docker-4c-4g-626 sshd[1496]: Disconnected from invalid user jenkins 10.32.4.5 port 56082 [preauth]
Jan  1 03:23:01 prd-ubuntu1804-docker-4c-4g-626 CRON[1499]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 03:23:01 prd-ubuntu1804-docker-4c-4g-626 CRON[1499]: pam_unix(cron:session): session closed for user root
Jan  1 03:23:02 prd-ubuntu1804-docker-4c-4g-626 sshd[1507]: Invalid user jenkins from 10.32.4.5 port 56084
Jan  1 03:23:02 prd-ubuntu1804-docker-4c-4g-626 sshd[1507]: Received disconnect from 10.32.4.5 port 56084:11: Closed due to user request. [preauth]
Jan  1 03:23:02 prd-ubuntu1804-docker-4c-4g-626 sshd[1507]: Disconnected from invalid user jenkins 10.32.4.5 port 56084 [preauth]
Jan  1 03:23:04 prd-ubuntu1804-docker-4c-4g-626 sshd[1509]: Invalid user jenkins from 10.32.4.5 port 56086
Jan  1 03:23:04 prd-ubuntu1804-docker-4c-4g-626 sshd[1509]: Received disconnect from 10.32.4.5 port 56086:11: Closed due to user request. [preauth]
Jan  1 03:23:04 prd-ubuntu1804-docker-4c-4g-626 sshd[1509]: Disconnected from invalid user jenkins 10.32.4.5 port 56086 [preauth]
Jan  1 03:23:06 prd-ubuntu1804-docker-4c-4g-626 sshd[1511]: Invalid user jenkins from 10.32.4.5 port 56088
Jan  1 03:23:06 prd-ubuntu1804-docker-4c-4g-626 sshd[1511]: Received disconnect from 10.32.4.5 port 56088:11: Closed due to user request. [preauth]
Jan  1 03:23:06 prd-ubuntu1804-docker-4c-4g-626 sshd[1511]: Disconnected from invalid user jenkins 10.32.4.5 port 56088 [preauth]
Jan  1 03:23:08 prd-ubuntu1804-docker-4c-4g-626 sshd[1550]: Invalid user jenkins from 10.32.4.5 port 56090
Jan  1 03:23:08 prd-ubuntu1804-docker-4c-4g-626 sshd[1550]: Received disconnect from 10.32.4.5 port 56090:11: Closed due to user request. [preauth]
Jan  1 03:23:08 prd-ubuntu1804-docker-4c-4g-626 sshd[1550]: Disconnected from invalid user jenkins 10.32.4.5 port 56090 [preauth]
Jan  1 03:23:11 prd-ubuntu1804-docker-4c-4g-626 sshd[1746]: Invalid user jenkins from 10.32.4.5 port 56094
Jan  1 03:23:11 prd-ubuntu1804-docker-4c-4g-626 sshd[1746]: Received disconnect from 10.32.4.5 port 56094:11: Closed due to user request. [preauth]
Jan  1 03:23:11 prd-ubuntu1804-docker-4c-4g-626 sshd[1746]: Disconnected from invalid user jenkins 10.32.4.5 port 56094 [preauth]
Jan  1 03:23:13 prd-ubuntu1804-docker-4c-4g-626 sshd[1785]: Invalid user jenkins from 10.32.4.5 port 56096
Jan  1 03:23:13 prd-ubuntu1804-docker-4c-4g-626 sshd[1785]: Received disconnect from 10.32.4.5 port 56096:11: Closed due to user request. [preauth]
Jan  1 03:23:13 prd-ubuntu1804-docker-4c-4g-626 sshd[1785]: Disconnected from invalid user jenkins 10.32.4.5 port 56096 [preauth]
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 useradd[1803]: new group: name=jenkins, GID=1001
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 useradd[1803]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 usermod[1810]: add 'jenkins' to group 'docker'
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 usermod[1810]: add 'jenkins' to shadow group 'docker'
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 sshd[1841]: Accepted publickey for jenkins from 10.32.4.5 port 56100 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 sshd[1841]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 systemd-logind[988]: New session 2 of user jenkins.
Jan  1 03:23:15 prd-ubuntu1804-docker-4c-4g-626 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jan  1 03:24:02 prd-ubuntu1804-docker-4c-4g-626 CRON[2423]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 03:24:02 prd-ubuntu1804-docker-4c-4g-626 CRON[2423]: pam_unix(cron:session): session closed for user root
Jan  1 03:25:01 prd-ubuntu1804-docker-4c-4g-626 CRON[3432]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  1 03:25:01 prd-ubuntu1804-docker-4c-4g-626 CRON[3432]: pam_unix(cron:session): session closed for user root
Jan  1 03:25:08 prd-ubuntu1804-docker-4c-4g-626 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/it-dev-xapp-onboarder-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jan  1 03:25:08 prd-ubuntu1804-docker-4c-4g-626 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)