Check the CLI test. From $SPLUNK_HOME/bin Check help for test... ./splunk test help ./splunk test sourcetype

Example:

./splunk test sourcetype /opt/tradelog/trade_entries.log

PROPERTIES OF /opt/log/tradelog/trade_entries.log
Attr:ANNOTATE_PUNCT True
Attr:BREAK_ONLY_BEFORE
Attr:BREAK_ONLY_BEFORE_DATE True
Attr:CHARSET UTF-8
Attr:DATETIME_CONFIG /etc/datetime.xml
Attr:HEADER_MODE
Attr:LEARN_SOURCETYPE true
Attr:LINE_BREAKER_LOOKBEHIND 100
Attr:MAX_DAYS_AGO 2000
Attr:MAX_DAYS_HENCE 2
Attr:MAX_DIFF_SECS_AGO 3600
Attr:MAX_DIFF_SECS_HENCE 604800
Attr:MAX_EVENTS 256
Attr:MAX_TIMESTAMP_LOOKAHEAD 44
Attr:MUST_BREAK_AFTER
Attr:MUST_NOT_BREAK_AFTER
Attr:MUST_NOT_BREAK_BEFORE
Attr:SEGMENTATION indexing
Attr:SEGMENTATION-all full
Attr:SEGMENTATION-inner inner
Attr:SEGMENTATION-outer outer
Attr:SEGMENTATION-raw none
Attr:SEGMENTATION-standard standard
Attr:SHOULD_LINEMERGE False
Attr:TRANSFORMS Attr:TRUNCATE 10000
Attr:is_valid True
Attr:maxDist 100
Attr:sourcetype trade_entries-2

Note attributes including sourcetype.