We want to set default TZ as SGT for a particular Search Head and that SH is in EDT TZ. We have already applied TZ setting in props settings at master for that index so they can view the related events when it is pushed.

Now, application team wants in preferences settings it should be SGT as default in preferences settings so whenever any query is search for the index it should show as SGT TZ. as it can be seen in the sample events which is not coming as expected. 

here is the btool results for the SH

-bash-4.2$ /opt/splunk/splunk_sas/bin/splunk btool --debug user-prefs list
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf [default]
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/splunk_instrumentation/local/user-prefs.conf [general]
/opt/splunk/splunk_sas/etc/apps/splunk_instrumentation/local/user-prefs.conf dismissedInstrumentationOptInVersion = 4
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf hideInstrumentationOptInModal = 1
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf notification_python_3_impact = false
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf render_version_messages = 0
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf search_assistant = compact
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf search_auto_format = 0
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf search_line_numbers = 0
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf search_syntax_highlighting = light
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf search_use_advanced_editor = 1
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf theme = enterprise
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf tz = GMT
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf [general_default]
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf appOrder = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf default_earliest_time = -24h@h
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf default_latest_time = now
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf default_namespace = $default
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf hideInstrumentationOptInModal = 0
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf notification_noah_upgrade = true
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf notification_python_2_removal = false
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf notification_python_3_impact = false
/opt/splunk/splunk_sas/etc/apps/user-prefs/default/user-prefs.conf showWhatsNew = 1
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_app_splunk_admin]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_app_splunk_api]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_app_splunk_***]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_app_splunk_infra]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_app_splunk_power]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_general]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf [role_general_default]
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf appOrder = search
/opt/splunk/splunk_sas/etc/apps/TA_***_LDAP/default/user-prefs.conf default_namespace = search
/opt/splunk/splunk_sas/etc/system/local/user-prefs.conf tz = Asia/Hong_Kong