Anyone have ideas on why I don't see a kube-apisever audit event when I open a secret in the Rancher GUI, but I do if I kubectl get the secret? I thought maybe something cache wise, but the behavior is the same even after redeploying the Rancher Deployment

Sounds like it could be a bug - can you please open an issue in https://github.com/rancher/dashboard

Can do!