DOCSP-14355 audit log update (#970) (#987)

* DOCSP-14355-audit-log-update

* DOCSP-14355-audit-log-update

* DOCSP-14355-audit-log-update

Co-authored-by: jason-price-mongodb <[email protected]>

Co-authored-by: jason-price-mongodb <[email protected]>

Author: jason-price-mongodb

source/core/security-encryption-at-rest.txt

@@ -134,6 +134,12 @@ and parameters:
 For testing audit log encryption, you can also use the
 :setting:`auditLog.localAuditKeyFile` setting.
 
+If you need to downgrade MongoDB, you must first disable audit log
+encryption by removing :setting:`auditLog.auditEncryptionKeyIdentifier`
+or :setting:`auditLog.localAuditKeyFile`. Existing audit logs remain
+encrypted, and you can keep any procedures you have developed for
+storage and ingestion of encrypted logs.
+
 .. note::
 
    For audit log encryption, the audit log destination must be a