I would like to understand if i have any misconfiguration on my indexes files, and for how long do i keep logs online, archived and when they are deleted (since my HDD is getting full quickly):
This looks like an exact copy of the default indexes conf with some added/changed values. And you seem to not know what you are doing.
Anyway. So... I'm assuming you are currently storing all your data in the "main" index.
This means that here the [default] frozenTimePeriodInSecs = 15778463 applies to the retention time. Which is approx. 182 days.
How to fix this:
go to the $SPLUNK_HOME directory (under linux it's /opt/splunk/)
Navigate from there to /opt/splunk/etc/system/local/
Create a file called "indexes.conf"
Write the following:
frozenTimePeriodInSecs = 604800
Save and restart splunk. Now the data in the main index will be saved for only 7 days instead of 182.