Hi deepashri_123, thanks for replying .. yes I have gone through these answers. Now a days the Object storage vendors provide some type of connectors such as for NFS (some details below). I wanted to know if someone has tested this or would it work with Splunk since it may be just transparent to Splunk.

Scale-out File and Object Storage
• Amazon S3-compatible REST API with support for Microsoft Active Directory, AWS IAM, AWS Signature v2 and v4
• Scality HTTP REST API
• Scale-out NFS v3 with support for Kerberos Authentication, quotas.
• Scale-out SMB 2.0, 3.0
• Linux FUSE plus data compatibility with REST
• S3/NFS portability
• Scalable peer-to-peer RING architecture, with a native object storage core
• Integrated Scale-out File-System (SOFS) with POSIX semantics

Hello,

I am increasing the retention delay today by using the frozenTimePeriodInSecs option in indexes.conf.
if you want 6 months for example: you convert 6 months in seconds and you add a coldb and a homedb. Splunk will do the rest in order to dispatch the buckets in the cold and the warm directories. You can also change the MaxbucketSizeinMB to differentiate between hot, warm and cold buckets

hey@prachisaxena,

Refer this answer:
https://answers.splunk.com/answers/201601/does-splunk-currently-support-object-based-storage.html

Also refer this doc:
http://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements

Let me know if this helps!!