Good morning everyone,
I have a question about the creation of a single index or multiple indexes.
I am dealing with computer vulnerabilities, so I save the information of the files in a single index and then I compare those files with another database where I have saved the vulnerable files, with their version, score and corresponding cve.
After that step I update the index by filling in new fields inside the same index. My question is, is it better to process the data in the same index or is it better to divide it in several indexes?
Then I show the data in a dashboard, then when processing data when I have a lot of data, I do not know if it would be better that all the data are in the same index or several.
I hope you can help me, I am new using Elasticsearch and I still lack experience with the tool to be able to solve certain questions.
Thank you very much for everything, sorry for my English, but I have helped me with a translator.