In this blog post, Molly Struve, a Senior Site Reliability Engineer at Kenna Security, outlines various techniques used to enhance search performance in their Elasticsearch cluster, which manages over four billion documents. By organizing data into client-specific indexes, the company reduced the number of shards queried, thereby speeding up searches. Emphasizing the importance of using filters over queries to reduce computational load, Struve shares insights from an upgrade to Elasticsearch 5.0, which highlighted the efficiency of filters. Additionally, the company improved search speeds by storing IDs as keywords rather than integers, resulting in a 30% performance increase, and by restricting complex user-generated queries that could burden the system. These strategies have contributed to making Kenna's Elasticsearch cluster more stable and scalable, as they continue to support a growing volume of data.
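The sketch below is an added example, not code from the post or from Kenna Security. It combines the techniques summarized above when building a search request: one index per client, exact-match conditions in filter context, IDs sent as keyword strings, and a check that rejects expensive user-supplied search text. The index naming scheme, the field names `asset_id` and `name`, the term limit and the specific rejected patterns are assumptions made for illustration.

```python
MAX_TERMS = 20  # assumed limit; the post does not give one


def client_index(client_id):
    """Return the per-client index name (assumed naming scheme).

    int() rejects values such as "*" or "1,2" that would otherwise
    widen the search to other clients' indexes.
    """
    return f"assets-client-{int(client_id)}"


def check_user_query(text):
    """Reject user search text that is costly for the cluster to run."""
    terms = text.split()
    if len(terms) > MAX_TERMS:
        raise ValueError("too many terms in user query")
    for term in terms:
        if term.startswith(("*", "?")):
            raise ValueError("leading wildcard not allowed")
        if len(term) > 1 and term.startswith("/") and term.endswith("/"):
            raise ValueError("regular expressions not allowed")
    return text


def build_search(client_id, asset_ids, user_text=None):
    """Return (index, request body) for one client's search."""
    # Exact-match conditions go in filter context: no scoring, cacheable.
    # IDs are sent as strings to match a keyword-mapped field.
    bool_query = {
        "filter": [{"terms": {"asset_id": [str(i) for i in asset_ids]}}]
    }
    if user_text:
        # Free text stays in query context, but only after validation.
        bool_query["must"] = [{
            "query_string": {
                "query": check_user_query(user_text),
                "default_field": "name",
                "allow_leading_wildcard": False,
            }
        }]
    return client_index(client_id), {"query": {"bool": bool_query}}


if __name__ == "__main__":
    print(build_search(7, [101, 102], "web server"))
```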