I have some data, all the same kind, but from different sources, that I need to secure. My initial plan was to create a separate index for each source and use roles to limit access to a index. But I realized the same could be achieved using document security.
I am using Kibana to visualize the data.
Does anyone know what would be the best option performance wise? If I were to put all data into a single index it might get as big as 20GB a day. Data needs to be searchable for up to 90 days so I guess that will be a pretty big search.
If I go with seperate, smaller indeces, there might be some extra overhead but the searches should be quicker as the size of the indeces would be much smaller (couple of GB)?
Unfortunately I don't have a big enough data set yet to test with.