I recommend balancing cost over complexity. The largest tables will be Syslog/CEF from network equipment, Security Events from servers, and raw data form the M365D portal. Azure Activity logs and security alerts from Microsoft security solutions are free. Syslog and servers are easy enough, only connect what you manage. There is no ingestion filter for the M365D or AAD data to my knowledge.
You don't need to collect the raw M365D data. Also the M365D connector replaces the solution-specific rules. There are stand-alone connectors for MDE and MDI for example. Going back to these rules will provide some level of filtering in the rule properties.
I would only split where is it easy or results in major savings. Setup an automated watchlist and filters to identify Side-A from Side-B. Use a logic app to auto close incidents related to entities from Side-B. You can also filter out Side-B from critical workbooks, email notifications, etc. Some duplication or overlap will be avoided but most will be in smaller tables that do not have a major impact on cost. I would not do anything extremely complex unless it is cost justified. Also, because you share the same tenant, both have a direct impact on security. If Side-B is compromise so are you.