You said this "That's incredible..There is indeed an app in Prod that seems to contain an entire old version of manager. I'd guess that you're right in that its overriding the default manager. Now I don't care how the "data input" page looks and I'd rather remove it so our search app can update. Is there a way to manually assign sourcetypes in the new "AddData" wizard?"

To answer that yes you create sourcetypes on the 2nd or 3rd step in the add data wizard. I think you upload in first step, then select sourcetype in 2nd. They give you the list of predefined sourcetypes to select from and then if you modify the settings any it asks you to save as a new sourcetype or not. If you dot save it, it will apply only to your upload, if you do save it, it usually falls into the "custom" category for use later. Can you mark my other answer as the answer please?

Both are 6.3.1
build: f3e41e4b37b2

Both splunk instances are 6.3.1 and dbconnect is installed on both.

Then you didnt completely upgrade production to 6.3.1. Apparently the manager directory under the search app stayed the same. I'd check file permissions in production to be sure the appropriate user owns everything in the splunk dir, and then redeploy 6.3.1.

C:\Program Files\Splunk\etc\apps\search\default\data\ui\manager for example

Permissions are correct for that dir.
Another weird observation...although the url for DataInputs is the same, after I click on "Add New" prod goes to /en-US/manager/search/data/inputs/monitor/_new?action=edit but QA goes to /en-US/manager/launcher/adddata/selectsource?input_mode=1&input_type=file_monitor

if I simply copy the prod link to QA I can reach the page I want however that does not help me solve the underlying issue.

compare the files under Splunk\etc\apps\search\default\data\ui\manager in both environments.

a diff between both dirs reveals that they contain the same files and the files' contents are identical

If this is true then the only other explanation is proxy/edge caching. Try pressing CTRL+F5 when you have production open in a browser.

no good. I think it must be configurable somewhere because these servers are not newly upgraded and either way production exhibits the desired behavior. I want QA to behave the same way as prod not the other way around.

its configurable by file system modifications...

aka, if you copy in the search app from an older copy of splunk which is what I think has happened already. These pages are being driven by code found the mrsparkle directory as well as the manager folder we've already discussed.

I recommend a full diff between Prod and QA, but I dont recommend downgrading QA to match production. Instead I'd go the other way around because the newer documentation has these newer screenshots etc.

At this point I assume you have another app in production that someone created using a copy of the search app. Perhaps they didnt know the implications of doing so. But it's manager UI folder may be overriding the one found in your search app, etc. This is why both URL work in production... both sets of code are present.

Check your other app folders for these folders default\data\ui\manager or local\data\ui\manager.

If you really want QA to act the same, copy the app you find thats overriding this to QA. Again i recommend against this as it is not a best practice and is certainly unsupported.

That's incredible..There is indeed an app in Prod that seems to contain an entire old version of manager. I'd guess that you're right in that its overriding the default manager. Now I don't care how the "data input" page looks and I'd rather remove it so our search app can update. Is there a way to manually assign sourcetypes in the new "AddData" wizard?

That's incredible..there is indeed an app on Prod that seems to contain an entire old version of the manager. I would guess that you are right in that it is overriding the new version. Now I don't really care how the "data inputs" page looks and I'd rather remove it so our search app can update. Is it possible to manually assign sourcetypes using the new "AddData" Wizard?