Sep 28 10:31:40 prd-ubuntu1804-docker-4c-4g-6210 passwd[960]: password for 'ubuntu' changed by 'root'
Sep 28 10:31:40 prd-ubuntu1804-docker-4c-4g-6210 systemd-logind[1044]: Watching system buttons on /dev/input/event0 (Power Button)
Sep 28 10:31:40 prd-ubuntu1804-docker-4c-4g-6210 systemd-logind[1044]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Sep 28 10:31:40 prd-ubuntu1804-docker-4c-4g-6210 systemd-logind[1044]: New seat seat0.
Sep 28 10:31:41 prd-ubuntu1804-docker-4c-4g-6210 sshd[1259]: Server listening on 0.0.0.0 port 22.
Sep 28 10:31:41 prd-ubuntu1804-docker-4c-4g-6210 sshd[1259]: Server listening on :: port 22.
Sep 28 10:31:44 prd-ubuntu1804-docker-4c-4g-6210 sshd[1480]: Did not receive identification string from 10.32.4.5 port 50782
Sep 28 10:31:51 prd-ubuntu1804-docker-4c-4g-6210 sshd[1542]: Invalid user jenkins from 10.32.4.5 port 50790
Sep 28 10:31:51 prd-ubuntu1804-docker-4c-4g-6210 sshd[1542]: Received disconnect from 10.32.4.5 port 50790:11: Closed due to user request. [preauth]
Sep 28 10:31:51 prd-ubuntu1804-docker-4c-4g-6210 sshd[1542]: Disconnected from invalid user jenkins 10.32.4.5 port 50790 [preauth]
Sep 28 10:31:53 prd-ubuntu1804-docker-4c-4g-6210 sshd[1546]: Invalid user jenkins from 10.32.4.5 port 50794
Sep 28 10:31:53 prd-ubuntu1804-docker-4c-4g-6210 sshd[1546]: Received disconnect from 10.32.4.5 port 50794:11: Closed due to user request. [preauth]
Sep 28 10:31:53 prd-ubuntu1804-docker-4c-4g-6210 sshd[1546]: Disconnected from invalid user jenkins 10.32.4.5 port 50794 [preauth]
Sep 28 10:31:55 prd-ubuntu1804-docker-4c-4g-6210 sshd[1548]: Invalid user jenkins from 10.32.4.5 port 50796
Sep 28 10:31:55 prd-ubuntu1804-docker-4c-4g-6210 sshd[1548]: Received disconnect from 10.32.4.5 port 50796:11: Closed due to user request. [preauth]
Sep 28 10:31:55 prd-ubuntu1804-docker-4c-4g-6210 sshd[1548]: Disconnected from invalid user jenkins 10.32.4.5 port 50796 [preauth]
Sep 28 10:31:57 prd-ubuntu1804-docker-4c-4g-6210 sshd[1550]: Invalid user jenkins from 10.32.4.5 port 50800
Sep 28 10:31:58 prd-ubuntu1804-docker-4c-4g-6210 sshd[1550]: Received disconnect from 10.32.4.5 port 50800:11: Closed due to user request. [preauth]
Sep 28 10:31:58 prd-ubuntu1804-docker-4c-4g-6210 sshd[1550]: Disconnected from invalid user jenkins 10.32.4.5 port 50800 [preauth]
Sep 28 10:32:00 prd-ubuntu1804-docker-4c-4g-6210 sshd[1552]: Invalid user jenkins from 10.32.4.5 port 50802
Sep 28 10:32:00 prd-ubuntu1804-docker-4c-4g-6210 sshd[1552]: Received disconnect from 10.32.4.5 port 50802:11: Closed due to user request. [preauth]
Sep 28 10:32:00 prd-ubuntu1804-docker-4c-4g-6210 sshd[1552]: Disconnected from invalid user jenkins 10.32.4.5 port 50802 [preauth]
Sep 28 10:32:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[1554]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 28 10:32:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[1554]: pam_unix(cron:session): session closed for user root
Sep 28 10:32:02 prd-ubuntu1804-docker-4c-4g-6210 sshd[1563]: Invalid user jenkins from 10.32.4.5 port 50804
Sep 28 10:32:02 prd-ubuntu1804-docker-4c-4g-6210 sshd[1563]: Received disconnect from 10.32.4.5 port 50804:11: Closed due to user request. [preauth]
Sep 28 10:32:02 prd-ubuntu1804-docker-4c-4g-6210 sshd[1563]: Disconnected from invalid user jenkins 10.32.4.5 port 50804 [preauth]
Sep 28 10:32:03 prd-ubuntu1804-docker-4c-4g-6210 sshd[1733]: Invalid user jenkins from 10.32.4.5 port 50806
Sep 28 10:32:03 prd-ubuntu1804-docker-4c-4g-6210 sshd[1733]: Received disconnect from 10.32.4.5 port 50806:11: Closed due to user request. [preauth]
Sep 28 10:32:03 prd-ubuntu1804-docker-4c-4g-6210 sshd[1733]: Disconnected from invalid user jenkins 10.32.4.5 port 50806 [preauth]
Sep 28 10:32:06 prd-ubuntu1804-docker-4c-4g-6210 sshd[1825]: Invalid user jenkins from 10.32.4.5 port 50808
Sep 28 10:32:06 prd-ubuntu1804-docker-4c-4g-6210 sshd[1825]: Received disconnect from 10.32.4.5 port 50808:11: Closed due to user request. [preauth]
Sep 28 10:32:06 prd-ubuntu1804-docker-4c-4g-6210 sshd[1825]: Disconnected from invalid user jenkins 10.32.4.5 port 50808 [preauth]
Sep 28 10:32:08 prd-ubuntu1804-docker-4c-4g-6210 sshd[1843]: Invalid user jenkins from 10.32.4.5 port 50810
Sep 28 10:32:08 prd-ubuntu1804-docker-4c-4g-6210 sshd[1843]: Received disconnect from 10.32.4.5 port 50810:11: Closed due to user request. [preauth]
Sep 28 10:32:08 prd-ubuntu1804-docker-4c-4g-6210 sshd[1843]: Disconnected from invalid user jenkins 10.32.4.5 port 50810 [preauth]
Sep 28 10:32:09 prd-ubuntu1804-docker-4c-4g-6210 useradd[1861]: new group: name=jenkins, GID=1001
Sep 28 10:32:09 prd-ubuntu1804-docker-4c-4g-6210 useradd[1861]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Sep 28 10:32:09 prd-ubuntu1804-docker-4c-4g-6210 usermod[1868]: add 'jenkins' to group 'docker'
Sep 28 10:32:09 prd-ubuntu1804-docker-4c-4g-6210 usermod[1868]: add 'jenkins' to shadow group 'docker'
Sep 28 10:32:10 prd-ubuntu1804-docker-4c-4g-6210 sshd[1902]: Accepted publickey for jenkins from 10.32.4.5 port 50814 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Sep 28 10:32:10 prd-ubuntu1804-docker-4c-4g-6210 sshd[1902]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Sep 28 10:32:10 prd-ubuntu1804-docker-4c-4g-6210 systemd-logind[1044]: New session 2 of user jenkins.
Sep 28 10:32:10 prd-ubuntu1804-docker-4c-4g-6210 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Sep 28 10:33:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[2626]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 28 10:33:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[2626]: pam_unix(cron:session): session closed for user root
Sep 28 10:34:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[4112]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 28 10:34:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[4112]: pam_unix(cron:session): session closed for user root
Sep 28 10:35:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[7897]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 28 10:35:01 prd-ubuntu1804-docker-4c-4g-6210 CRON[7897]: pam_unix(cron:session): session closed for user root
Sep 28 10:35:30 prd-ubuntu1804-docker-4c-4g-6210 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/smo-ves-collector-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Sep 28 10:35:30 prd-ubuntu1804-docker-4c-4g-6210 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)