I have a Cisco 2811 router with IPSEC site to site VPN configured to a particular IP. I have a log server (linux box) in my network. I need to log all VPN events (tunnel establishment, various phases etc.) so that evenif the tuneel goes down, I can see what happened that particular time. Currently I have debug crypto ipsec and debug crypto isakmp on and the events are logged in my log server. Turning on the debugs increases my router processor utilization. Is there any other way (apart from turning on the debug) to log the VPN activity?
Thanks for any response.