We have discovered the cause of the previous outage.
Our LA router was ultimately overwhelmed due to an excessive amount of syslog data (we're talking thousands of messages per second) being sent over an IPSec tunnel. IPSec is quite CPU intensive, and this large amount of traffic pushed things over the edge.
To remedy this, rate limiting will be put in place for syslog data. If a device ever generates a large amount of logging info again, we'll be able to block it before it ever hits the encrypted tunnel.