The short answer is that effectively the entire PCI/PCIe protocol stack is implemented in hardware (aside from high-level enumeration and management), while large portions of the protocol stack for Ethernet and USB are implemented in software.
For Ethernet and USB, the hardware only implements a few layers of the stack. These protocols are designed to do as much in software as possible, trading performance and cost for flexibility. For both Ethernet and USB, the hardware basically gives the software the raw packet data, with the hardware only handling serialization and a few other low-level functions like checksums and segmentation. In this case software MUST see everything, so capturing all of the traffic is a relatively straightforward thing to do.
For PCIe, the whole point of the protocol is to provide a high performance and low latency method for connecting the CPU and system memory to peripherals. One of the key features of PCIe is direct memory access, where peripheral components can directly read or write system memory without any involvement from the CPU. To make this work, the entire protocol has to be implemented in hardware such that read/write requests from peripheral components can be directly sent to the memory controller. Because of this, the CPU has zero visibility into what is going on over the bus. Similarly, when the CPU accesses a peripheral device, it does so by performing normal load and store operations against specific regions of address space, and these load and store operations get translated into PCIe TLPs entirely in hardware. At no point is software even aware of the fact that TLPs exist, so there is no way by default for software to capture anything.
So, to capture PCIe traffic, you need some sort of explicit capture capability in hardware that's separate from the actual implementation of the protocol. This could be a separate piece of hardware like a PCIe protocol analyzer. But it is also possible that certain PCIe components could have debug features that can capture traffic, but there is no standard mechanism for doing this since it's not a required part of the protocol nor is it even an optional feature covered in the specification.
Other protocols can also have similar characteristics. For example, RoCE (RDMA over converged Ethernet) operates entirely in hardware. Software can set up RDMA target buffers and other hosts can access buffers over the network without any involvement from the local CPU, with the RDMA implementation on the NIC translating the incoming RDMA read/write requests into PCIe read/write operations. But, it's relatively common for an RDMA capable NIC to be able to capture the on-the-wire traffic for diagnostic purposes, although this generally results in reduced performance. And since it's Ethernet, it would also be possible to capture the traffic in the network via port mirroring and such.