This issue is resolved in Security Analytics v6.6.11 and 7.1.5 and later releases, which have had a 72-hour pcap cleanup shell and audit log messages added if the home partition is filling up.
Workaround
To remove PCAP and zip files in that directory manually, log in via SSH or at the console as a user with root priviliges and run the following command:
# find /home/apache/pcaps/ -regextype posix-egrep -mtime +3 -iregex "(.*\.zip|.*\.pcap)$" -exec rm -f {} \;
This command will delete PCAP and zip files which are more than 72 hours old from /home/apache/pcaps/.