Wednesday, February 6, 2019

Filtering port mirrored traffic

Typing from phone so excuse any typos/format. I have a user monitoring solution (for proactive fault alarming) which is currently implemented on one probe, and we'd like to add another as each probe is limited to approx. 1 Gb/s. The port mirrored traffic is about 10 Gb/s, so some sort of traffic filtering is required (in my scenario we're not allowed to do any filtering prior to the port mirroring). Currently traffic filtering is done on the probe itself using an open source tool on the probe's NIC.

With the addition of a second probe I considered adding a layer 3 switch to the solution, where traffic filtering would be applied and the traffic then distributed to the two probes. I thought the configuration required would be through some policy based routing or ACL, but it seems to be more complicated than that, as our team had struggles implementing it through PBR: the port mirrored traffic shows single addresses (source and destination IPs) instead of clear traffic. At a high level, our implementation vendor explained it as rather than it being PBR, it may require a switch with "Wireshark"-like capabilities in order to fulfill our needs.

Could someone advise whether it can or cannot be done using PBR, or suggest any possible method? In summary, I have port mirrored traffic which is huge and needs to be minimized through filtering to capture only interesting traffic and distribute it to different probes (each probe to monitor different traffic from the source). Your input is appreciated.
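As an added illustration, not from the post or its author, of the filter-then-distribute step the question asks about: the decision logic a packet broker (or a filtering middlebox) would apply to each mirrored packet, written in Python over constructed 5-tuples so it runs offline. The set of "interesting" ports and the probe count are assumptions. It generalises from two probes to N, and keeps both directions of a flow on the same probe by hashing a direction-independent key, which is what a fault-monitoring probe needs and which a rule that only matches on destination fields does not give you.

```python
import ipaddress
import struct
import zlib
from collections import defaultdict

# Assumption: the services the probes are meant to monitor (not from the post).
INTERESTING_PORTS = {53, 80, 443, 5060}
TCP, UDP = 6, 17

# Constructed sample packets standing in for the 5-tuples a mirror port delivers:
# (src_ip, dst_ip, ip_proto, src_port, dst_port)
SAMPLE_PACKETS = [
    ("10.1.1.10", "192.0.2.20", TCP, 51000, 443),   # client -> web server
    ("192.0.2.20", "10.1.1.10", TCP, 443, 51000),   # reply of the same flow
    ("10.1.1.11", "192.0.2.53", UDP, 40000, 53),    # DNS query
    ("10.1.1.12", "192.0.2.22", TCP, 52000, 22),    # SSH: not interesting, dropped
    ("10.1.1.13", "192.0.2.5", 1, 0, 0),            # ICMP: dropped
]

def flow_key(src, dst, proto, sport, dport):
    """Sort the two endpoints so A->B and B->A produce the same key bytes."""
    ends = sorted([(ipaddress.IPv4Address(src).packed, sport),
                   (ipaddress.IPv4Address(dst).packed, dport)])
    return struct.pack("!4sH4sHB", ends[0][0], ends[0][1],
                       ends[1][0], ends[1][1], proto)

def assign_probe(pkt, n_probes):
    """Return the probe index for pkt, or None if the packet is filtered out."""
    src, dst, proto, sport, dport = pkt
    if proto not in (TCP, UDP) or not ({sport, dport} & INTERESTING_PORTS):
        return None
    # CRC32 of the direction-independent key spreads flows across probes;
    # any stable hash would do, CRC32 is used here for brevity.
    return zlib.crc32(flow_key(src, dst, proto, sport, dport)) % n_probes

def distribute(packets, n_probes):
    """Group packets per probe; returns a dict probe index -> list of packets."""
    out = defaultdict(list)
    for pkt in packets:
        idx = assign_probe(pkt, n_probes)
        if idx is not None:
            out[idx].append(pkt)
    return dict(out)

if __name__ == "__main__":
    for probe, pkts in sorted(distribute(SAMPLE_PACKETS, 2).items()):
        print(f"probe {probe}: {len(pkts)} packets")
```

Both halves of the HTTPS exchange land on the same probe, while the SSH and ICMP samples never reach either.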


