https://live.paloaltonetworks.com/t5/general-topics/ssl-version-logging/m-p/256091#M72643 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/92565">@mpochan</a>,</P><P>I'm pretty positive that the firewall doesn't actually record this information in any shape or form.&nbsp;</P> Thu, 04 Apr 2019 15:10:40 GMT BPry 2019-04-04T15:10:40Z https://live.paloaltonetworks.com/t5/general-topics/ssl-version-logging/m-p/255990#M72616 <P>Is it possible to log the version of ssl/tls being used for decrypted sessions (inbound ssl inspection in particular)? I know we can control what versions are used in the decryption profile but is there any way to identify the specific ssl versions being used in sessions without doing a full pcap? We were looking for a way to do this in mass.&nbsp;</P> Wed, 03 Apr 2019 21:43:20 GMT https://live.paloaltonetworks.com/t5/general-topics/ssl-version-logging/m-p/255990#M72616 mpochan 2019-04-03T21:43:20Z https://live.paloaltonetworks.com/t5/general-topics/ssl-version-logging/m-p/256091#M72643 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/92565">@mpochan</a>,</P><P>I'm pretty positive that the firewall doesn't actually record this information in any shape or form.&nbsp;</P> Thu, 04 Apr 2019 15:10:40 GMT https://live.paloaltonetworks.com/t5/general-topics/ssl-version-logging/m-p/256091#M72643 BPry 2019-04-04T15:10:40Z