Splunk Cloud Platform administrators create indexes to organize data, apply role-based access permissions to indexes that contain relevant user data, fine-tune data, specify how long to retain data in indexes, and so on.

Indexes store the data you have sent to your Splunk Cloud Platform deployment. To manage indexes, Splunk Cloud Platform administrators can perform these tasks:

• Create, update, delete, and view properties of indexes.
• Monitor the size of data in the indexes to remain within the limits of a data plan or to identify a need to increase the data plan.
• Modify data retention settings for individual indexes to control when Splunk Cloud Platform automatically deletes data or moves it to storage.
• Optimize search performance by managing the number of indexes and the data sources that are stored in specific indexes.
• Delete indexes. Caution: This function deletes all data from an index and removes the index. The operation is final and can't be reversed.
• Move expired data from indexes to self storage or a Splunk-supported archive (Dynamic Data Active Archive). Data from the index is not deleted until it is successfully moved to the storage location. Archived data can be restored to Splunk Cloud Platform for searching. Data from a self storage location can no longer be searched from Splunk Cloud Platform. However, it can be restored to a Splunk Enterprise instance for searching if necessary.