Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 passwd[981]: password for 'ubuntu' changed by 'root'
Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 sshd[1084]: Server listening on 0.0.0.0 port 22.
Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 sshd[1084]: Server listening on :: port 22.
Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 systemd-logind[1082]: Watching system buttons on /dev/input/event0 (Power Button)
Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 systemd-logind[1082]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Sep 18 09:37:44 prd-ubuntu1804-docker-8c-8g-46811 systemd-logind[1082]: New seat seat0.
Sep 18 09:37:45 prd-ubuntu1804-docker-8c-8g-46811 sshd[1391]: Did not receive identification string from 10.30.104.4 port 53842
Sep 18 09:37:51 prd-ubuntu1804-docker-8c-8g-46811 sshd[1431]: Invalid user jenkins from 10.30.104.4 port 53848
Sep 18 09:37:51 prd-ubuntu1804-docker-8c-8g-46811 sshd[1431]: Received disconnect from 10.30.104.4 port 53848:11: Closed due to user request. [preauth]
Sep 18 09:37:51 prd-ubuntu1804-docker-8c-8g-46811 sshd[1431]: Disconnected from invalid user jenkins 10.30.104.4 port 53848 [preauth]
Sep 18 09:37:53 prd-ubuntu1804-docker-8c-8g-46811 sshd[1435]: Invalid user jenkins from 10.30.104.4 port 53850
Sep 18 09:37:53 prd-ubuntu1804-docker-8c-8g-46811 sshd[1435]: Received disconnect from 10.30.104.4 port 53850:11: Closed due to user request. [preauth]
Sep 18 09:37:53 prd-ubuntu1804-docker-8c-8g-46811 sshd[1435]: Disconnected from invalid user jenkins 10.30.104.4 port 53850 [preauth]
Sep 18 09:37:55 prd-ubuntu1804-docker-8c-8g-46811 sshd[1437]: Invalid user jenkins from 10.30.104.4 port 53860
Sep 18 09:37:55 prd-ubuntu1804-docker-8c-8g-46811 sshd[1437]: Received disconnect from 10.30.104.4 port 53860:11: Closed due to user request. [preauth]
Sep 18 09:37:55 prd-ubuntu1804-docker-8c-8g-46811 sshd[1437]: Disconnected from invalid user jenkins 10.30.104.4 port 53860 [preauth]
Sep 18 09:37:57 prd-ubuntu1804-docker-8c-8g-46811 sshd[1439]: Invalid user jenkins from 10.30.104.4 port 53864
Sep 18 09:37:57 prd-ubuntu1804-docker-8c-8g-46811 sshd[1439]: Received disconnect from 10.30.104.4 port 53864:11: Closed due to user request. [preauth]
Sep 18 09:37:57 prd-ubuntu1804-docker-8c-8g-46811 sshd[1439]: Disconnected from invalid user jenkins 10.30.104.4 port 53864 [preauth]
Sep 18 09:38:00 prd-ubuntu1804-docker-8c-8g-46811 sshd[1441]: Invalid user jenkins from 10.30.104.4 port 53870
Sep 18 09:38:00 prd-ubuntu1804-docker-8c-8g-46811 sshd[1441]: Received disconnect from 10.30.104.4 port 53870:11: Closed due to user request. [preauth]
Sep 18 09:38:00 prd-ubuntu1804-docker-8c-8g-46811 sshd[1441]: Disconnected from invalid user jenkins 10.30.104.4 port 53870 [preauth]
Sep 18 09:38:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[1443]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:38:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[1443]: pam_unix(cron:session): session closed for user root
Sep 18 09:38:02 prd-ubuntu1804-docker-8c-8g-46811 sshd[1527]: Invalid user jenkins from 10.30.104.4 port 53876
Sep 18 09:38:02 prd-ubuntu1804-docker-8c-8g-46811 sshd[1527]: Received disconnect from 10.30.104.4 port 53876:11: Closed due to user request. [preauth]
Sep 18 09:38:02 prd-ubuntu1804-docker-8c-8g-46811 sshd[1527]: Disconnected from invalid user jenkins 10.30.104.4 port 53876 [preauth]
Sep 18 09:38:04 prd-ubuntu1804-docker-8c-8g-46811 sshd[1696]: Invalid user jenkins from 10.30.104.4 port 53882
Sep 18 09:38:04 prd-ubuntu1804-docker-8c-8g-46811 sshd[1696]: Received disconnect from 10.30.104.4 port 53882:11: Closed due to user request. [preauth]
Sep 18 09:38:04 prd-ubuntu1804-docker-8c-8g-46811 sshd[1696]: Disconnected from invalid user jenkins 10.30.104.4 port 53882 [preauth]
Sep 18 09:38:06 prd-ubuntu1804-docker-8c-8g-46811 sshd[1721]: Invalid user jenkins from 10.30.104.4 port 53886
Sep 18 09:38:07 prd-ubuntu1804-docker-8c-8g-46811 sshd[1721]: Received disconnect from 10.30.104.4 port 53886:11: Closed due to user request. [preauth]
Sep 18 09:38:07 prd-ubuntu1804-docker-8c-8g-46811 sshd[1721]: Disconnected from invalid user jenkins 10.30.104.4 port 53886 [preauth]
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 sshd[1723]: Invalid user jenkins from 10.30.104.4 port 53896
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 sshd[1723]: Received disconnect from 10.30.104.4 port 53896:11: Closed due to user request. [preauth]
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 sshd[1723]: Disconnected from invalid user jenkins 10.30.104.4 port 53896 [preauth]
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 useradd[1750]: new group: name=jenkins, GID=1001
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 useradd[1750]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 usermod[1757]: add 'jenkins' to group 'docker'
Sep 18 09:38:09 prd-ubuntu1804-docker-8c-8g-46811 usermod[1757]: add 'jenkins' to shadow group 'docker'
Sep 18 09:38:11 prd-ubuntu1804-docker-8c-8g-46811 sshd[1818]: Accepted publickey for jenkins from 10.30.104.4 port 53900 ssh2: RSA SHA256:V0799BjlU//1ruj1g81rY7MeNIJkwAJ0Kr3lNX3XaN4
Sep 18 09:38:11 prd-ubuntu1804-docker-8c-8g-46811 sshd[1818]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Sep 18 09:38:11 prd-ubuntu1804-docker-8c-8g-46811 systemd-logind[1082]: New session 2 of user jenkins.
Sep 18 09:38:11 prd-ubuntu1804-docker-8c-8g-46811 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Sep 18 09:39:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[2416]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:39:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[2416]: pam_unix(cron:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-17-openjdk-amd64/bin/java 1
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/java-17-openjdk-amd64/bin/javac 1
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --install /usr/lib/jvm/java-openjdk java_sdk_openjdk /usr/lib/jvm/java-17-openjdk-amd64 1
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --set java /usr/lib/jvm/java-17-openjdk-amd64/bin/java
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --set javac /usr/lib/jvm/java-17-openjdk-amd64/bin/javac
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/usr/bin/update-alternatives --set java_sdk_openjdk /usr/lib/jvm/java-17-openjdk-amd64
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Sep 18 09:39:23 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session closed for user root
Sep 18 09:40:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[2925]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:40:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[2925]: pam_unix(cron:session): session closed for user root
Sep 18 09:41:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[3406]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:41:02 prd-ubuntu1804-docker-8c-8g-46811 CRON[3406]: pam_unix(cron:session): session closed for user root
Sep 18 09:42:02 prd-ubuntu1804-docker-8c-8g-46811 CRON[3937]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:42:02 prd-ubuntu1804-docker-8c-8g-46811 CRON[3937]: pam_unix(cron:session): session closed for user root
Sep 18 09:43:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4251]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:43:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4251]: pam_unix(cron:session): session closed for user root
Sep 18 09:44:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4628]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:44:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4628]: pam_unix(cron:session): session closed for user root
Sep 18 09:45:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4998]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 18 09:45:01 prd-ubuntu1804-docker-8c-8g-46811 CRON[4998]: pam_unix(cron:session): session closed for user root
Sep 18 09:45:42 prd-ubuntu1804-docker-8c-8g-46811 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/policy-clamp-sonar-verify ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Sep 18 09:45:42 prd-ubuntu1804-docker-8c-8g-46811 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)