Clarify on overview page that audit is default replicated (#12298)

* Note that audit is replicated

* tweak

* clarify local is to the cluster, not only the node

* tweaking. I think this makes more sense
Mike Green
2021-09-01 14:53:01 -06:00
committed by GitHub
parent 3ede1ed317
commit 566767a3c7
2 changed files with 8 additions and 1 deletions


@@ -72,7 +72,7 @@ single word name or a more complex, nested path.
Additionally, the following options are allowed in Vault open-source, but
relevant functionality is only supported in Vault Enterprise:
- `local` `(bool: false)` Specifies if the audit device is a local only. Local
- `local` `(bool: false)` Specifies if the audit device is local within the cluster only. Local
audit devices are not replicated nor (if a secondary) removed by replication.
### Sample Payload
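Review bot: In the `local` description, "is local within the cluster only" still reads awkwardly, and the replacement line now runs well past the wrap width of the lines around it. Consider "Specifies if the audit device is local to the cluster only." and rewrap the paragraph, which also matches the wording of the commit message ("local is to the cluster, not only the node").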


@@ -56,6 +56,13 @@ In the command above, we passed the "file_path" parameter to specify the path
where the audit log will be written to. Each audit device has its own
set of parameters. See the documentation to the left for more details.
~> Note: Audit device configuration is replicated to all nodes within a
cluster by default, and to performance/DR secondaries for Vault Enterprise clusters.
Before enabling an audit device, ensure that all nodes within the cluster(s)
will be able to successfully log to the audit device to avoid Vault being
blocked from serving requests.
An audit device can be limited to only within the node's cluster with the [`local`](api/system/audit#local) parameter.
When an audit device is disabled, it will stop receiving logs immediately.
The existing logs that it did store are untouched.
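Review bot: The added sentence pointing to `local` omits the caveat stated on the API page touched in this same commit, where the option is allowed in Vault open-source but the relevant functionality is only supported in Vault Enterprise. A reader of the overview could assume `local` takes effect on any build, so suggest appending that caveat to the sentence. Also confirm that the relative link `api/system/audit#local` resolves from this page, and align "within the node's cluster" with the "local within the cluster" wording used in the API description so both pages describe the scope the same way.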