Export Threat PCAP in PAN-OS 6.0 and newer

Created On 09/26/18 13:53 PM - Last Modified 06/07/23 07:30 AM


Resolution


Details


In PAN-OS 6.0 the CLI was changed to match a new method of storing and retrieving pcaps. Previously, threat pcaps were stored in the PAN-OS file system as files in a directory, with a separate directory for each day. Because of file system performance limitations, this limited pcap storage to around 131K pcap files per day.


Beginning in PAN-OS 6.0, pcaps are stored in a database. Rather than identifying pcaps by a timestamp or time range, a unique “pcap id” is given to each pcap. The pcap id is stored in the associated threat log and provides a cleaner way to reference pcaps for a specific threat log.


The previous method for downloading all pcaps for a given day was simply a mask for retrieving all files from a particular directory (day).  Because the new method of storing pcaps uses a database, there is no equivalent method for downloading all pcaps for a particular day.


For example:

  • tftp
    > tftp export threat-pcap search-time "2014/08/08 13:13:13" to 192.168.0.2 pcap-id 1199650572660113409
  • scp
    > scp export threat-pcap search-time "2014/08/08 13:13:13" to <username@host:path>
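Because there is no per-day download in the database model, the practical workflow is to collect the pcap ids from the day's threat logs and export each one by id. The following is an added example, not part of the article: it reads a constructed, simplified threat-log export (the column names are assumptions, not the product's exact format), filters to one day, and builds one export command per pcap in the form shown above.

```python
import csv
from datetime import datetime
from io import StringIO

# Constructed sample: a simplified threat-log export with only the fields this
# script needs. Real PAN-OS threat logs carry many more columns; the header
# names used here are assumptions, not the product's exact export format.
SAMPLE_THREAT_LOG = """receive_time,threat_name,pcap_id
2014/08/08 13:13:13,Example Threat A,1199650572660113409
2014/08/08 14:02:41,Example Threat B,1199650572660113412
2014/08/09 09:00:00,Example Threat C,1199650572660113420
2014/08/08 15:30:05,Example Threat D,0
"""


def pcap_refs_for_day(log_text, day):
    """Return (search_time, pcap_id) pairs for threat logs dated `day` (YYYY/MM/DD).

    A pcap_id of 0 is treated here (assumption) as "no capture stored" for that
    log entry and is skipped, since there would be nothing to export.
    """
    refs = []
    for row in csv.DictReader(StringIO(log_text)):
        ts = datetime.strptime(row["receive_time"], "%Y/%m/%d %H:%M:%S")
        if ts.strftime("%Y/%m/%d") != day:
            continue
        if int(row["pcap_id"]) == 0:
            continue
        refs.append((row["receive_time"], row["pcap_id"]))
    return refs


def export_commands(refs, tftp_host):
    """Build one 'tftp export threat-pcap' command per pcap id, following the
    form shown in the article: search-time narrows the database lookup to the
    log's own timestamp, and pcap-id selects the exact capture."""
    return [
        f'tftp export threat-pcap search-time "{t}" to {tftp_host} pcap-id {pid}'
        for t, pid in refs
    ]


if __name__ == "__main__":
    refs = pcap_refs_for_day(SAMPLE_THREAT_LOG, "2014/08/08")
    for cmd in export_commands(refs, "192.168.0.2"):
        print(cmd)
```

Each printed line is then entered at the firewall CLI; the day filter yields only entries whose log carries a pcap id.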


owner: kwens


