When we push data to Elasticsearch, we define the index based on the timestamp in the event. We have defined a fixed number of shards for each type of data depending on its volume. We mostly query the latest data from Elasticsearch, so that index is mostly in memory. Sometimes we do query more than one index, and Elasticsearch is able to handle that well.
You are right. Redshift is not great for online querying, and that’s why we use Redshift only for business intelligence - which is offline reporting and analytics.