Hi Dwcoffin,
If you check the [article](Categorize SSL traffic by version, display as graph),it does break it down with all versions.
If you are looking for Irule for remote logging for all versions,
when HTTP_REQUEST {
set hsl [HSL::open -proto UDP -pool syslog_server_pool]
set time [clock format [clock seconds] -format "%d/%b/%Y:%H:%M:%S %Z"]
if {[SSL::cipher version] equals "TLSv1"} {
HSL::send $hsl "TLSv1 Request Detected: Time = $time, Client IP:Port = [IP::client_addr]:[TCP::client_port], F5 VIP:Port = [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
}
if {[SSL::cipher version] equals "TLSv1.1" } {
HSL::send $hsl "TLSv1.1 Request Detected: Time = $time, Client IP:Port = [IP::client_addr]:[TCP::client_port], F5 VIP:Port = [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
}
if {[SSL::cipher version] equals "TLSv1.2" } {
HSL::send $hsl "TLSv1.2 Request Detected: Time = $time, Client IP:Port = [IP::client_addr]:[TCP::client_port], F5 VIP:Port = [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
}
}