When using the Packet Capture feature on the Palo Alto, the filter settings can easily be made from the GUI (Monitor -> Packet Capture). These settings as well as the current size of the running packet capture files can be examined with:
#debug dataplane packet-diag show setting
Now, the current capturing in follow mode can be viewed with:
#view-pcap follow yes filter-pcap
#show counter global filter packet-filter yes delta yes