The packet capture works with IP addresses. As far as I know, if you enter host names, they will just be converted to IP addresses, so entering "host example.com" is the same as "host 93.184.216.34". Traffic to other domains which resolve to the same IP address will be captured as well.
To filter on all subdomains within a given second level domain you could try the following:
* As Aravind suggested, add all host names to the filter: "host a.example.com or host b.example.com or host c.example.com" and so on
* Perform DNS lookups on the different subdomains and see if they are located in the same subnet or in a few selected subnets, then filter on these subnets, eg "net 93.184.216.0/23 or net 192.168.216.0/25"
* Capture everything or capture large subnets which contain all hosts you are interested in and then with the help of Tshark filter the captured traffic based on HTTP GET Requests (for HTTP) or SSL Client Hello (for HTTPS). For HTTP you can use 'http.host contains "example.com"', for HTTPS 'ssl.handshake.extensions_server_name contains "example.com"', which will give you all initiated HTTP(S) connections to hosts within this second level domain. Then you can build connection filters based on all the destination IP addresses found.