I am trying to understand how to restrict the elasticsearch data that different user groups can view using Kibana. In other words, I am trying to understand how an elasticsearch/kibana solution can be a multi tenant solution.
I recognize the answer might have to do with how you architect your solution. Assume that I have two different sets of users. Each set of users can only access their own set of data via Kibana.
What is the best way to architect this solution?
Should I have 2 different indexes, one index for each user group? Or should I have one index and somehow restrict which data the users can run queries against in Kibana?