Applications can be filtered in Logs (Traffic, Threat, URL, Wildfire and Data Filtering) using the following filters for category and subcategory:
(category-of-app eq application_category)
(subcategory-of-app eq application_subcategory)
The following screenshot shows an example of a filter in the traffic logs (Monitor > Logs > Traffic) for the subcategory, file-sharing:
(subcategory-of-app eq file-sharing)
To determine the category or subcategory of an application, search the application on the Application & Threat Research Center (as shown in the screenshot below) or go to Objects > Applications on the Palo Alto Networks firewall.