Hi Linux Experts!
I need help with a script that I'm working on to log sudo-enabled users. The script that I'm using is below:
```sh
#!/bin/sh
getent passwd | cut -f1 -d: | xargs -L1 sudo -l -U | grep -v 'not allowed'
```
It is a `.sh` file that's run once a day. The corresponding output is then parsed and massaged by some SEDCMD stuff, not relevant here.
This way, I can see which users are able to perform sudo on the machine. Note: I am aware of the `usersWithLoginPrivs.sh` but this includes users that I'm not interested in. Hence the custom script. If there's another solution you can share, that'd be great. But here's my
PROBLEM: Linux admins are complaining that they're getting messaged because the `splunk` user that runs this script is generating messages for them. And they don't want to get the messages. So, they suggested to append this command at the end of the script:
```sh
> /dev/null 2>&1
```
which I did. However, it does not print output anymore for those Splunk UFs that previously were able to.
Yes, the main solution to this problem is to give the `splunk` user permission to run the script. But due to the complexity of our organization, we can't request the same thing across the board.
So, basically, of the thousands of Linux servers that we have, some can run this script, some cannot. That's currently okay.
But for those that cannot, I'd like to modify the script in such a way that it will still work the same but will not produce any error. Is there any alternative?
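
One way to get a sudo-capable user list on hosts where the `splunk` user cannot run `sudo -l -U`, shown as an added example that is not part of the original post: read group membership from `getent` data instead of invoking sudo, so no sudo denial is produced. It assumes sudo is granted through the `sudo` or `wheel` group (the `SUDO_GROUPS` variable and the function name `sudo_group_members` are hypothetical), and it will not see per-user rules in `/etc/sudoers`, which an unprivileged account normally cannot read.

```shell
#!/bin/sh
# Added example: report members of sudo-granting groups without calling sudo.
# Assumption: sudo is granted through these groups (distro defaults; override as needed).
SUDO_GROUPS="${SUDO_GROUPS:-sudo wheel}"

# sudo_group_members GROUP_DATA PASSWD_DATA
# Both arguments are text in group(5) / passwd(5) format, e.g. the output of
# `getent group` and `getent passwd`. Prints one user name per line, sorted.
sudo_group_members() {
    _groups=$1
    _passwd=$2
    for _g in $SUDO_GROUPS; do
        _line=$(printf '%s\n' "$_groups" | awk -F: -v g="$_g" '$1 == g { print; exit }')
        [ -n "$_line" ] || continue          # group not present on this host
        _gid=$(printf '%s\n' "$_line" | cut -d: -f3)
        # Supplementary members: comma-separated 4th field of the group entry.
        printf '%s\n' "$_line" | cut -d: -f4 | tr ',' '\n'
        # Primary members: accounts whose passwd GID equals the group's GID;
        # these do not appear in the group entry's member list.
        printf '%s\n' "$_passwd" | awk -F: -v gid="$_gid" '$4 == gid { print $1 }'
    done | sed '/^$/d' | sort -u
}

# Constructed sample data (not from any real host).
SAMPLE_GROUP='root:x:0:
wheel:x:10:alice,bob
sudo:x:27:carol
users:x:100:dave'
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000::/home/alice:/bin/sh
erin:x:1004:10::/home/erin:/bin/sh
dave:x:1003:100::/home/dave:/bin/sh'

# On a real host: sudo_group_members "$(getent group)" "$(getent passwd)"
sudo_group_members "$SAMPLE_GROUP" "$SAMPLE_PASSWD"
```

In the sample, `erin` is reported only because her primary GID is that of `wheel`; parsing the group member list alone would miss her.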