In view of POODLE, we are going to disable SSLv3. And we want to find out those clients that are still using it before implementation. But it seems that there are no method to check connection's SSL/TLS protocol version in iRule.
SSL::cipher version only tells the protocol version that introduce the negotiated cipher. And there are no event for intercepting traffic from ADC to client.
I wonder if there are any function in iRule that can do that.
Are you looking to gauge the number of SSLv3 requests or are you wanting to intercept the connection and do something else?
If it's the former, you can view statistics under Overview -> Statistics -> Local Traffic -> Statistics Type (Profile Summary) -> Client SSL
Check out the following link, You could customize the iRule to suit your purposes.