Configuration audit relies on SSH/Telnet access. If you only configure SNMP, then you'll not be able to pull the config. Config audit will login to the switch, do a show run, then log out. We then capture and save the current running config and compare against what AirWave thinks should be the config (for switches, this is done either by template or switch config view as designated in the group basic settings and based on if there's specific support for the switch type).
You'll notice that for a group that disables auditing, the 'audit' tab is replaced by a compliance tab. My suggestion was that if it's just switch port monitoring that you're looking for, then we can skip the auditing portion.
You also want to make sure that the group basic tab is set to use the proper SNMP version for the device type you're using. The device is marked down if 1) can't ping, 2) can't snmp walk.