I want to get the list of servers from the CSV which are not sending any logs to Splunk for the past 48 hours, along with the time when they stopped ingesting. I am trying the query below, but with no success.
| metadata type=hosts index=*
| where lastTime < relative_time(now(),"-24h") AND totalCount > 0
| convert ctime(lastTime) as "Time when stopped" ctime(firstTime) as "Time when Started"
| table host "Time when stopped"
| search
[| inputlookup xyz.csv |fields hostname] | table host "Time when stopped"
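
One way to produce this report, as an added example that is not part of the original post: drive the search from the lookup so that hosts which never sent data are kept, then left-join the last-seen times from metadata. It assumes the CSV column hostname holds the same value Splunk records in host (both are lower-cased here to avoid case mismatches) and uses the 48-hour window from the question.

```spl
| inputlookup xyz.csv
| fields hostname
| eval host=lower(hostname)
| dedup host
| join type=left host
    [| metadata type=hosts index=*
     | eval host=lower(host)
     | stats max(lastTime) as lastTime min(firstTime) as firstTime sum(totalCount) as totalCount by host]
| where isnull(lastTime) OR lastTime < relative_time(now(), "-48h")
| eval "Hours silent"=if(isnull(lastTime), null(), round((now() - lastTime) / 3600, 1))
| eval "Time when stopped"=if(isnull(lastTime), "never seen", strftime(lastTime, "%Y-%m-%d %H:%M:%S"))
| sort - "Hours silent"
| table host "Time when stopped" "Hours silent"
```

The subsearch in the posted query returns hostname=... terms, while metadata rows only carry a host field, so a rename of hostname to host (or the join above) is needed for the filter to match. The join subsearch is subject to Splunk's subsearch result limits, so very large host inventories may need the limit raised or a stats-based merge instead.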