Jul 17 12:40:50 prd-ubuntu1804-docker-8c-8g-28703 passwd[991]: password for 'ubuntu' changed by 'root'
Jul 17 12:40:51 prd-ubuntu1804-docker-8c-8g-28703 systemd-logind[1106]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 17 12:40:51 prd-ubuntu1804-docker-8c-8g-28703 sshd[1114]: Server listening on 0.0.0.0 port 22.
Jul 17 12:40:51 prd-ubuntu1804-docker-8c-8g-28703 systemd-logind[1106]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Jul 17 12:40:51 prd-ubuntu1804-docker-8c-8g-28703 sshd[1114]: Server listening on :: port 22.
Jul 17 12:40:51 prd-ubuntu1804-docker-8c-8g-28703 systemd-logind[1106]: New seat seat0.
Jul 17 12:40:54 prd-ubuntu1804-docker-8c-8g-28703 sshd[1395]: Did not receive identification string from 10.30.104.4 port 34184
Jul 17 12:41:01 prd-ubuntu1804-docker-8c-8g-28703 sshd[1424]: Invalid user jenkins from 10.30.104.4 port 34186
Jul 17 12:41:01 prd-ubuntu1804-docker-8c-8g-28703 sshd[1424]: Received disconnect from 10.30.104.4 port 34186:11: Closed due to user request. [preauth]
Jul 17 12:41:01 prd-ubuntu1804-docker-8c-8g-28703 sshd[1424]: Disconnected from invalid user jenkins 10.30.104.4 port 34186 [preauth]
Jul 17 12:41:01 prd-ubuntu1804-docker-8c-8g-28703 CRON[1428]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 17 12:41:01 prd-ubuntu1804-docker-8c-8g-28703 CRON[1428]: pam_unix(cron:session): session closed for user root
Jul 17 12:41:03 prd-ubuntu1804-docker-8c-8g-28703 sshd[1437]: Invalid user jenkins from 10.30.104.4 port 34188
Jul 17 12:41:03 prd-ubuntu1804-docker-8c-8g-28703 sshd[1437]: Received disconnect from 10.30.104.4 port 34188:11: Closed due to user request. [preauth]
Jul 17 12:41:03 prd-ubuntu1804-docker-8c-8g-28703 sshd[1437]: Disconnected from invalid user jenkins 10.30.104.4 port 34188 [preauth]
Jul 17 12:41:06 prd-ubuntu1804-docker-8c-8g-28703 sshd[1439]: Invalid user jenkins from 10.30.104.4 port 34190
Jul 17 12:41:06 prd-ubuntu1804-docker-8c-8g-28703 sshd[1439]: Received disconnect from 10.30.104.4 port 34190:11: Closed due to user request. [preauth]
Jul 17 12:41:06 prd-ubuntu1804-docker-8c-8g-28703 sshd[1439]: Disconnected from invalid user jenkins 10.30.104.4 port 34190 [preauth]
Jul 17 12:41:08 prd-ubuntu1804-docker-8c-8g-28703 sshd[1462]: Invalid user jenkins from 10.30.104.4 port 34194
Jul 17 12:41:08 prd-ubuntu1804-docker-8c-8g-28703 sshd[1462]: Received disconnect from 10.30.104.4 port 34194:11: Closed due to user request. [preauth]
Jul 17 12:41:08 prd-ubuntu1804-docker-8c-8g-28703 sshd[1462]: Disconnected from invalid user jenkins 10.30.104.4 port 34194 [preauth]
Jul 17 12:41:10 prd-ubuntu1804-docker-8c-8g-28703 sshd[1683]: Invalid user jenkins from 10.30.104.4 port 34202
Jul 17 12:41:10 prd-ubuntu1804-docker-8c-8g-28703 sshd[1683]: Received disconnect from 10.30.104.4 port 34202:11: Closed due to user request. [preauth]
Jul 17 12:41:10 prd-ubuntu1804-docker-8c-8g-28703 sshd[1683]: Disconnected from invalid user jenkins 10.30.104.4 port 34202 [preauth]
Jul 17 12:41:12 prd-ubuntu1804-docker-8c-8g-28703 sshd[1708]: Invalid user jenkins from 10.30.104.4 port 34204
Jul 17 12:41:12 prd-ubuntu1804-docker-8c-8g-28703 sshd[1708]: Received disconnect from 10.30.104.4 port 34204:11: Closed due to user request. [preauth]
Jul 17 12:41:12 prd-ubuntu1804-docker-8c-8g-28703 sshd[1708]: Disconnected from invalid user jenkins 10.30.104.4 port 34204 [preauth]
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 useradd[1728]: new group: name=jenkins, GID=1001
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 useradd[1728]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 usermod[1735]: add 'jenkins' to group 'docker'
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 usermod[1735]: add 'jenkins' to shadow group 'docker'
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 sshd[1765]: Accepted publickey for jenkins from 10.30.104.4 port 34208 ssh2: RSA SHA256:V0799BjlU//1ruj1g81rY7MeNIJkwAJ0Kr3lNX3XaN4
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 sshd[1765]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 systemd-logind[1106]: New session 2 of user jenkins.
Jul 17 12:41:14 prd-ubuntu1804-docker-8c-8g-28703 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Jul 17 12:42:01 prd-ubuntu1804-docker-8c-8g-28703 CRON[2410]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 17 12:42:02 prd-ubuntu1804-docker-8c-8g-28703 CRON[2410]: pam_unix(cron:session): session closed for user root
Jul 17 12:43:02 prd-ubuntu1804-docker-8c-8g-28703 CRON[2838]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 17 12:43:02 prd-ubuntu1804-docker-8c-8g-28703 CRON[2838]: pam_unix(cron:session): session closed for user root
Jul 17 12:44:01 prd-ubuntu1804-docker-8c-8g-28703 CRON[2859]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 17 12:44:01 prd-ubuntu1804-docker-8c-8g-28703 CRON[2859]: pam_unix(cron:session): session closed for user root
Jul 17 12:44:30 prd-ubuntu1804-docker-8c-8g-28703 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/dcaegen2-services-ml-prediction-ms-tox-sonar ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Jul 17 12:44:30 prd-ubuntu1804-docker-8c-8g-28703 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)