[Doc][Meta] General security doc improvements

[karenzone]

This issue serves as a place to capture and track security-related comments and issues.

In the course of a phased docs overhaul (#13573), important and valuable comments surface that may be out of scope for a particular PR. We want to be sure that we capture and address them as part of the broader scope of work. This issue is that place.

These items were identified during writing/review of #13597:

• [ ] logstash-*/indexes for thelogstash_writer role
  • [x] https://github.com/elastic/logstash/pull/13597#issuecomment-1011086158
• [ ] Passwords in examples
  • [x] https://github.com/elastic/logstash/pull/13597#issuecomment-1011134897
• [ ] Consolidate info about config in elasticsearch output
  • [ ] https://github.com/elastic/logstash/pull/13597/files#r792504440
• [ ] Final edits on all security work, including removing repetition in SecurityOn
  • [x] https://github.com/elastic/logstash/pull/13597#issuecomment-1026035503
• [ ] Stub out config/certs folder in logstash?
  • [ ] https://github.com/elastic/logstash/pull/13597/files#r794769613

These items were identified during writing/review of #13693:

• [ ] Clarify that self-signed CA is generated when a new {es} cluster is started up without dedicated certificates
  • [x] https://github.com/elastic/logstash/pull/13693#discussion_r797043474
• [ ] Wording tweak around publicly trusted certificate authorities
  • [x] https://github.com/elastic/logstash/pull/13693#discussion_r797045006

Other items:

• [ ] Test and evaluate across-the-board accuracy and applicability for this PR, with focus on ECS on by default and ILM implications
  • [ ] https://github.com/elastic/logstash/pull/12333