What is the Palo Alto Networks suggested process for converting port-based Security policy rules to use App-ID?

Use the Expedition tool to analyze Traffic logs against Security policy to suggest policy changes

Use the built-in firewall reports to identify applications found in the traffic and update policy based on desired traffic

Use the Policy Optimizer feature of the firewall to identify applications and update policy rules

Use the firewall's New Applications Seen feature to identify applications and update policy rules.