Platform: Splunk Cloud Problem statement illustration: we have 4 intermediate forwarders, and more than 2500 universal forwarders are routing data to these four IFWs.   UF (700)----> IFW1------>Splunk cloud UF (600)----> IFW2------>Splunk cloud UF (700)----> IFW3------>Splunk cloud UF (500)----> IFW4------>Splunk cloud What is needed: How a splunk admin/power user can create a dashboard or fetch information from searchead that which are all sources being routed to splunk cloud through each IFW query should list the universal forwarder hostname and respective ifw from where it getting routed to splunk cloud Any lead on this ... View more