Did you modify your inputs.conf to have a stanza pertaining to the "Exchange Auditing"?
disabled = 0
Check out this link,it should clear things up.
One other thing to make note of with remote collection. You will need to have Spunk services running as a domain\user with permissions on the remote box in order to collect successfully .
OK, then you will need to add the server setting to the stanza.
A comma-separated list of servers from which to get data.
If not present, defaults to the local machine.
Have a look at the wmi.conf spec: