DOC-1485: Fix doc reference to configurable audit log retention (#1338)

Co-authored-by: Michele Cyran <michele@redpanda.com>

Author: Feediver1

modules/manage/partials/audit-logging.adoc

@@ -397,7 +397,17 @@ ifdef::env-cloud[]
 
 == Configure retention for audit logs
 
-Assess the retention needs for your audit logs. You may not need to keep the logs for the default seven days. This is controlled by setting the `retention.ms` property for the `_redpanda.audit_log` topic.
+You can export audit events to your SIEM for long-term retention to support audit and compliance needs. Redpanda Data recommends that you retain audit logs for at least one year in a separate system like your SIEM, so if there is an issue with the Redpanda cluster you have access to the audit logs.
+
+If you need to change the default seven-day retention period, update the retention settings using the `retention.ms` property for the `_redpanda.audit_log` topic:
+
+[,bash]
+----
+# Set 1-year retention (in milliseconds) on the audit log topic
+rpk topic alter-config _redpanda.audit_log --set retention.ms=31536000000
+----
+
+NOTE: In Redpanda Cloud, both `retention.ms` (time-based) and `retention.bytes` (size-based) retention policies are applied simultaneously. Data becomes eligible for deletion when either limit is reached, depending on whichever occurs first. This means neither setting strictly takes precedence; the earliest limit (by time or size) triggers data cleanup. When updating audit log retention, check to make sure you do not already have a size-based retention policy that might remove logs before the period you specify.
 
 == Next steps