Oct  5 10:31:28 prd-ubuntu1804-docker-4c-4g-6837 passwd[903]: password for 'ubuntu' changed by 'root'
Oct  5 10:31:28 prd-ubuntu1804-docker-4c-4g-6837 systemd-logind[938]: Watching system buttons on /dev/input/event0 (Power Button)
Oct  5 10:31:28 prd-ubuntu1804-docker-4c-4g-6837 systemd-logind[938]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Oct  5 10:31:28 prd-ubuntu1804-docker-4c-4g-6837 systemd-logind[938]: New seat seat0.
Oct  5 10:31:29 prd-ubuntu1804-docker-4c-4g-6837 sshd[1243]: Server listening on 0.0.0.0 port 22.
Oct  5 10:31:29 prd-ubuntu1804-docker-4c-4g-6837 sshd[1243]: Server listening on :: port 22.
Oct  5 10:31:32 prd-ubuntu1804-docker-4c-4g-6837 sshd[1470]: Did not receive identification string from 10.32.4.5 port 52792
Oct  5 10:31:40 prd-ubuntu1804-docker-4c-4g-6837 sshd[1516]: Invalid user jenkins from 10.32.4.5 port 52796
Oct  5 10:31:40 prd-ubuntu1804-docker-4c-4g-6837 sshd[1516]: Received disconnect from 10.32.4.5 port 52796:11: Closed due to user request. [preauth]
Oct  5 10:31:40 prd-ubuntu1804-docker-4c-4g-6837 sshd[1516]: Disconnected from invalid user jenkins 10.32.4.5 port 52796 [preauth]
Oct  5 10:31:42 prd-ubuntu1804-docker-4c-4g-6837 sshd[1520]: Invalid user jenkins from 10.32.4.5 port 52798
Oct  5 10:31:42 prd-ubuntu1804-docker-4c-4g-6837 sshd[1520]: Received disconnect from 10.32.4.5 port 52798:11: Closed due to user request. [preauth]
Oct  5 10:31:42 prd-ubuntu1804-docker-4c-4g-6837 sshd[1520]: Disconnected from invalid user jenkins 10.32.4.5 port 52798 [preauth]
Oct  5 10:31:44 prd-ubuntu1804-docker-4c-4g-6837 sshd[1522]: Invalid user jenkins from 10.32.4.5 port 52806
Oct  5 10:31:44 prd-ubuntu1804-docker-4c-4g-6837 sshd[1522]: Received disconnect from 10.32.4.5 port 52806:11: Closed due to user request. [preauth]
Oct  5 10:31:44 prd-ubuntu1804-docker-4c-4g-6837 sshd[1522]: Disconnected from invalid user jenkins 10.32.4.5 port 52806 [preauth]
Oct  5 10:31:46 prd-ubuntu1804-docker-4c-4g-6837 sshd[1524]: Invalid user jenkins from 10.32.4.5 port 52808
Oct  5 10:31:46 prd-ubuntu1804-docker-4c-4g-6837 sshd[1524]: Received disconnect from 10.32.4.5 port 52808:11: Closed due to user request. [preauth]
Oct  5 10:31:46 prd-ubuntu1804-docker-4c-4g-6837 sshd[1524]: Disconnected from invalid user jenkins 10.32.4.5 port 52808 [preauth]
Oct  5 10:31:48 prd-ubuntu1804-docker-4c-4g-6837 sshd[1526]: Invalid user jenkins from 10.32.4.5 port 52810
Oct  5 10:31:48 prd-ubuntu1804-docker-4c-4g-6837 sshd[1526]: Received disconnect from 10.32.4.5 port 52810:11: Closed due to user request. [preauth]
Oct  5 10:31:48 prd-ubuntu1804-docker-4c-4g-6837 sshd[1526]: Disconnected from invalid user jenkins 10.32.4.5 port 52810 [preauth]
Oct  5 10:31:50 prd-ubuntu1804-docker-4c-4g-6837 sshd[1539]: Invalid user jenkins from 10.32.4.5 port 52812
Oct  5 10:31:51 prd-ubuntu1804-docker-4c-4g-6837 sshd[1539]: Received disconnect from 10.32.4.5 port 52812:11: Closed due to user request. [preauth]
Oct  5 10:31:51 prd-ubuntu1804-docker-4c-4g-6837 sshd[1539]: Disconnected from invalid user jenkins 10.32.4.5 port 52812 [preauth]
Oct  5 10:31:53 prd-ubuntu1804-docker-4c-4g-6837 sshd[1764]: Invalid user jenkins from 10.32.4.5 port 52820
Oct  5 10:31:53 prd-ubuntu1804-docker-4c-4g-6837 sshd[1764]: Received disconnect from 10.32.4.5 port 52820:11: Closed due to user request. [preauth]
Oct  5 10:31:53 prd-ubuntu1804-docker-4c-4g-6837 sshd[1764]: Disconnected from invalid user jenkins 10.32.4.5 port 52820 [preauth]
Oct  5 10:31:55 prd-ubuntu1804-docker-4c-4g-6837 sshd[1803]: Invalid user jenkins from 10.32.4.5 port 52822
Oct  5 10:31:56 prd-ubuntu1804-docker-4c-4g-6837 sshd[1803]: Received disconnect from 10.32.4.5 port 52822:11: Closed due to user request. [preauth]
Oct  5 10:31:56 prd-ubuntu1804-docker-4c-4g-6837 sshd[1803]: Disconnected from invalid user jenkins 10.32.4.5 port 52822 [preauth]
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 sshd[1819]: Invalid user jenkins from 10.32.4.5 port 52824
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 sshd[1819]: Received disconnect from 10.32.4.5 port 52824:11: Closed due to user request. [preauth]
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 sshd[1819]: Disconnected from invalid user jenkins 10.32.4.5 port 52824 [preauth]
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 useradd[1823]: new group: name=jenkins, GID=1001
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 useradd[1823]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 usermod[1830]: add 'jenkins' to group 'docker'
Oct  5 10:31:58 prd-ubuntu1804-docker-4c-4g-6837 usermod[1830]: add 'jenkins' to shadow group 'docker'
Oct  5 10:32:00 prd-ubuntu1804-docker-4c-4g-6837 sshd[1864]: Accepted publickey for jenkins from 10.32.4.5 port 52826 ssh2: RSA SHA256:MwkAMVxCcf5mjE3h3rXSsWkdX5TtX0v/kuPsZexJ1qI
Oct  5 10:32:00 prd-ubuntu1804-docker-4c-4g-6837 sshd[1864]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Oct  5 10:32:00 prd-ubuntu1804-docker-4c-4g-6837 systemd-logind[938]: New session 1 of user jenkins.
Oct  5 10:32:00 prd-ubuntu1804-docker-4c-4g-6837 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Oct  5 10:32:02 prd-ubuntu1804-docker-4c-4g-6837 CRON[2052]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  5 10:32:02 prd-ubuntu1804-docker-4c-4g-6837 CRON[2052]: pam_unix(cron:session): session closed for user root
Oct  5 10:33:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[2616]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  5 10:33:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[2616]: pam_unix(cron:session): session closed for user root
Oct  5 10:34:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[6684]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  5 10:34:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[6684]: pam_unix(cron:session): session closed for user root
Oct  5 10:35:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[8169]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  5 10:35:01 prd-ubuntu1804-docker-4c-4g-6837 CRON[8169]: pam_unix(cron:session): session closed for user root
Oct  5 10:35:11 prd-ubuntu1804-docker-4c-4g-6837 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/smo-ves-collector-docker-merge-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Oct  5 10:35:11 prd-ubuntu1804-docker-4c-4g-6837 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)