The purpose of setting ENABLE_AUDIT_LOGGING=true during a cluster deployment is to log metadata about all requests made to the Kubernetes API server. This enables auditing of the cluster activities and helps with security and compliance. The audit logs are stored in /var/log/kubernetes/audit.log on the control plane node and can be accessed by the cluster administrator. The audit logs are generated based on an audit policy file that defines what events should be recorded and what data they should include12

References: 1: https://docs.vmware.com/en/VMware-Tanzu-Kubernetes-Grid/1.6/vmware-tanzu-kubernetes-grid-16/GUID-troubleshooting-tkg-audit-logging.html  2: https://kubernetes.io/docs/tasks/debug/debug-cluster/audit/