Hi @srmohan,

As you might have already figured out, frozenTimePeriodInSecs and timePeriodInSecBeforeTsidxReduction are used for completely different purposes.

• frozenTimePeriodInSecs - Removes data which is older than this time
• timePeriodInSecBeforeTsidxReduction - Reduces tsidx files by replacing it with a smaller version but your rawdata and metadata still remains untouched. So you save some disk space but searches involving this files might be slower.

Keeping the same value for both settings might not help you to achieve your goal since it removes the data and there is nothing for tsidx reduction to do or tsidx redution happens and the removal of data happens immediately based on which order splunk checks for these values

For your reference : http://docs.splunk.com/Documentation/Splunk/6.4.2/Indexer/Reducetsidxdiskusage

frozenTimePeriodInSecs = <nonnegative integer>
* Number of seconds after which indexed data rolls to frozen.
* If you do not specify a coldToFrozenScript, data is deleted when rolled to
  frozen.
* IMPORTANT: Every event in the DB must be older than frozenTimePeriodInSecs
  before it will roll. Then, the DB will be frozen the next time splunkd
  checks (based on rotatePeriodInSecs attribute).
* Highest legal value is 4294967295
* Defaults to 188697600 (6 years).