Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 passwd[999]: password for 'ubuntu' changed by 'root'
Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 systemd-logind[1090]: Watching system buttons on /dev/input/event0 (Power Button)
Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 systemd-logind[1090]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 systemd-logind[1090]: New seat seat0.
Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 sshd[1151]: Server listening on 0.0.0.0 port 22.
Apr 15 17:45:09 prd-ubuntu1804-docker-8c-8g-1999 sshd[1151]: Server listening on :: port 22.
Apr 15 17:45:12 prd-ubuntu1804-docker-8c-8g-1999 sshd[1439]: Did not receive identification string from 10.30.104.4 port 49494
Apr 15 17:45:22 prd-ubuntu1804-docker-8c-8g-1999 sshd[1471]: Invalid user jenkins from 10.30.104.4 port 49574
Apr 15 17:45:22 prd-ubuntu1804-docker-8c-8g-1999 sshd[1471]: Received disconnect from 10.30.104.4 port 49574:11: Closed due to user request. [preauth]
Apr 15 17:45:22 prd-ubuntu1804-docker-8c-8g-1999 sshd[1471]: Disconnected from invalid user jenkins 10.30.104.4 port 49574 [preauth]
Apr 15 17:45:24 prd-ubuntu1804-docker-8c-8g-1999 sshd[1475]: Invalid user jenkins from 10.30.104.4 port 49590
Apr 15 17:45:24 prd-ubuntu1804-docker-8c-8g-1999 sshd[1475]: Received disconnect from 10.30.104.4 port 49590:11: Closed due to user request. [preauth]
Apr 15 17:45:24 prd-ubuntu1804-docker-8c-8g-1999 sshd[1475]: Disconnected from invalid user jenkins 10.30.104.4 port 49590 [preauth]
Apr 15 17:45:26 prd-ubuntu1804-docker-8c-8g-1999 sshd[1477]: Invalid user jenkins from 10.30.104.4 port 49610
Apr 15 17:45:26 prd-ubuntu1804-docker-8c-8g-1999 sshd[1477]: Received disconnect from 10.30.104.4 port 49610:11: Closed due to user request. [preauth]
Apr 15 17:45:26 prd-ubuntu1804-docker-8c-8g-1999 sshd[1477]: Disconnected from invalid user jenkins 10.30.104.4 port 49610 [preauth]
Apr 15 17:45:28 prd-ubuntu1804-docker-8c-8g-1999 sshd[1598]: Invalid user jenkins from 10.30.104.4 port 49624
Apr 15 17:45:28 prd-ubuntu1804-docker-8c-8g-1999 sshd[1598]: Received disconnect from 10.30.104.4 port 49624:11: Closed due to user request. [preauth]
Apr 15 17:45:28 prd-ubuntu1804-docker-8c-8g-1999 sshd[1598]: Disconnected from invalid user jenkins 10.30.104.4 port 49624 [preauth]
Apr 15 17:45:30 prd-ubuntu1804-docker-8c-8g-1999 sshd[1700]: Invalid user jenkins from 10.30.104.4 port 49632
Apr 15 17:45:30 prd-ubuntu1804-docker-8c-8g-1999 sshd[1700]: Received disconnect from 10.30.104.4 port 49632:11: Closed due to user request. [preauth]
Apr 15 17:45:30 prd-ubuntu1804-docker-8c-8g-1999 sshd[1700]: Disconnected from invalid user jenkins 10.30.104.4 port 49632 [preauth]
Apr 15 17:45:32 prd-ubuntu1804-docker-8c-8g-1999 sshd[1750]: Invalid user jenkins from 10.30.104.4 port 49646
Apr 15 17:45:32 prd-ubuntu1804-docker-8c-8g-1999 sshd[1750]: Received disconnect from 10.30.104.4 port 49646:11: Closed due to user request. [preauth]
Apr 15 17:45:32 prd-ubuntu1804-docker-8c-8g-1999 sshd[1750]: Disconnected from invalid user jenkins 10.30.104.4 port 49646 [preauth]
Apr 15 17:45:35 prd-ubuntu1804-docker-8c-8g-1999 sshd[1752]: Invalid user jenkins from 10.30.104.4 port 49656
Apr 15 17:45:35 prd-ubuntu1804-docker-8c-8g-1999 sshd[1752]: Received disconnect from 10.30.104.4 port 49656:11: Closed due to user request. [preauth]
Apr 15 17:45:35 prd-ubuntu1804-docker-8c-8g-1999 sshd[1752]: Disconnected from invalid user jenkins 10.30.104.4 port 49656 [preauth]
Apr 15 17:45:37 prd-ubuntu1804-docker-8c-8g-1999 sshd[1754]: Invalid user jenkins from 10.30.104.4 port 49660
Apr 15 17:45:37 prd-ubuntu1804-docker-8c-8g-1999 sshd[1754]: Received disconnect from 10.30.104.4 port 49660:11: Closed due to user request. [preauth]
Apr 15 17:45:37 prd-ubuntu1804-docker-8c-8g-1999 sshd[1754]: Disconnected from invalid user jenkins 10.30.104.4 port 49660 [preauth]
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 useradd[1761]: new group: name=jenkins, GID=1001
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 useradd[1761]: new user: name=jenkins, UID=1001, GID=1001, home=/home/jenkins, shell=/bin/bash
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 usermod[1768]: add 'jenkins' to group 'docker'
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 usermod[1768]: add 'jenkins' to shadow group 'docker'
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 sshd[1779]: Accepted publickey for jenkins from 10.30.104.4 port 49676 ssh2: RSA SHA256:V0799BjlU//1ruj1g81rY7MeNIJkwAJ0Kr3lNX3XaN4
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 sshd[1779]: pam_unix(sshd:session): session opened for user jenkins by (uid=0)
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 systemd-logind[1090]: New session 1 of user jenkins.
Apr 15 17:45:39 prd-ubuntu1804-docker-8c-8g-1999 systemd: pam_unix(systemd-user:session): session opened for user jenkins by (uid=0)
Apr 15 17:46:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2362]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:46:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2362]: pam_unix(cron:session): session closed for user root
Apr 15 17:47:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2419]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:47:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2419]: pam_unix(cron:session): session closed for user root
Apr 15 17:48:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2963]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:48:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[2963]: pam_unix(cron:session): session closed for user root
Apr 15 17:49:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[3306]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:49:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[3306]: pam_unix(cron:session): session closed for user root
Apr 15 17:50:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[3442]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:50:02 prd-ubuntu1804-docker-8c-8g-1999 CRON[3442]: pam_unix(cron:session): session closed for user root
Apr 15 17:51:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[4021]: pam_unix(cron:session): session opened for user root by (uid=0)
Apr 15 17:51:01 prd-ubuntu1804-docker-8c-8g-1999 CRON[4021]: pam_unix(cron:session): session closed for user root
Apr 15 17:51:20 prd-ubuntu1804-docker-8c-8g-1999 sudo:  jenkins : TTY=unknown ; PWD=/w/workspace/portal-ng-history-docker-verify-master ; USER=root ; COMMAND=/bin/cp /var/log/auth.log /tmp
Apr 15 17:51:20 prd-ubuntu1804-docker-8c-8g-1999 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)