Sep 10 18:55:42 andromeda sshd\[5719\]: Invalid user admin from 92.39.42.75 port 37898
Sep 10 18:55:42 andromeda sshd\[5719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.39.42.75
Sep 10 18:55:44 andromeda sshd\[5719\]: Failed password for invalid user admin from 92.39.42.75 port 37898 ssh2

Sep 10 18:55:45 db sshd[26783]: User root from 175.206.43.79 not allowed because none of user's groups are listed in AllowGroups
...

Sep 11 07:05:45 root sshd[29756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.90.183.67  user=root
Sep 11 07:05:47 root sshd[29756]: Failed password for root from 189.90.183.67 port 53524 ssh2
...

Sep 10 20:28:51 hanapaa sshd\[3077\]: Invalid user admin from 141.98.10.214
Sep 10 20:28:51 hanapaa sshd\[3077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.214
Sep 10 20:28:53 hanapaa sshd\[3077\]: Failed password for invalid user admin from 141.98.10.214 port 43551 ssh2
Sep 10 20:29:12 hanapaa sshd\[3137\]: Invalid user admin from 141.98.10.214
Sep 10 20:29:12 hanapaa sshd\[3137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.214

Sep 11 06:12:46 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.70.214, lip=192.168.100.101, session=\\
Sep 11 06:35:12 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.70.214, lip=192.168.100.101, session=\<2iXHNQKvtABQUkbW\>\
Sep 11 06:46:46 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.70.214, lip=192.168.100.101, session=\\
Sep 11 06:48:59 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.70.214, lip=192.168.100.101, session=\\
Sep 11 06:53:16 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.70.214, lip=192.168.100.101, session=\\
Sep 11 07:09:

5x Failed Password

Scanned 3 times in the last 24 hours on port 22

Sep 11 03:38:48 ws19vmsma01 sshd[161428]: Failed password for root from 157.230.125.207 port 60493 ssh2
...

Port scan denied

Sep 11 06:01:41 hcbbdb sshd\[29132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.168.164.26  user=root
Sep 11 06:01:43 hcbbdb sshd\[29132\]: Failed password for root from 144.168.164.26 port 35286 ssh2
Sep 11 06:01:45 hcbbdb sshd\[29132\]: Failed password for root from 144.168.164.26 port 35286 ssh2
Sep 11 06:01:48 hcbbdb sshd\[29132\]: Failed password for root from 144.168.164.26 port 35286 ssh2
Sep 11 06:01:50 hcbbdb sshd\[29132\]: Failed password for root from 144.168.164.26 port 35286 ssh2

$f2bV_matches

 TCP (SYN) 159.65.163.59:47548 -> port 13613, len 44

Port scan denied

5x Failed Password

Sep 11 06:32:08 hcbbdb sshd\[927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.101  user=root
Sep 11 06:32:10 hcbbdb sshd\[927\]: Failed password for root from 107.189.10.101 port 51698 ssh2
Sep 11 06:32:12 hcbbdb sshd\[927\]: Failed password for root from 107.189.10.101 port 51698 ssh2
Sep 11 06:32:15 hcbbdb sshd\[927\]: Failed password for root from 107.189.10.101 port 51698 ssh2
Sep 11 06:32:17 hcbbdb sshd\[927\]: Failed password for root from 107.189.10.101 port 51698 ssh2