I'm new to Elastic, and evaluating how I would use it for a business I am considering creating.
The business is a Managed Security Service Provider (MSSP). I would like to collect logs from my clients' endpoints and servers, bring that data into Elastic, then perform aggregate security analysis across all client data. Each client should also have access to a Kibana dashboard customised for their business, which only has access to their business's data.
From reading the documentation, I came up with the following high-level infrastructure plan. I would absolutely love it if someone could provide feedback on:
- Will this design work? Have I understood the docs about clustering correctly?
- Can I do this with a multi-cluster design using Elastic Cloud? Or AWS Elasticsearch?
- Any improvements/tips/issues?
Thank you very much!