Tags are the basic organization of data within Gravwell. Ingesters attach a tag to an entry which is used when searching and also used by indexers to better organize how they store data entries.
Ingesters are simply tools that collect data and intelligently shove it to an indexer with a "tag" attached. Indexers have "wells" in which they put data entries. The indexer configuration uses these tags to determine in which well to store the data. The wells can be configured in various ways depending on your desired data organization and age out strategies. The ideal configuration has some faster "hot" storage, such as NVME or SSD, and some slower but less expensive "cold" storage, such as a RAID array of spinning disks.
For example, a user might have a Gravwell setup that has an indexer with a "raw" well which is collecting binary network data (tags pcap and netflow) and ages out pretty quickly based on size. This same indexer might also have a "text" well (tags syslog, ubiquiti, windows, auth, dmesg, apache, etc.) that has a much slower age out based on time because the overall size isn't very big and the desire for retention is longer.
For ageout you can specify a time-based, total storage percentage based, or size-based ageout method. See our age-out documentation on https://dev.gravwell.io/docs/#!configuration/configuration.md