Thank you for the excellent article!
You referenced the "Endpoint security firewall rule migration tool" (Export-FirewallRules.ps1), which I have been trying to use to import rules from a reference client machine to Intune. I want to import the local rules as well, so I'm running it with "-includeLocalRules". It runs, but many of the built-in rules are split into two rules. The reason appears to be that the Export-NetFirewallRule is splitting the rules. It says this for each of the rules that are being split:
Found a Firewall Rule which needs some work. The Intune Graph API does not support firewall rules where PackageFamilyName, ServiceName, and FilePath are set at the same time.
DisplayName: Remote Desktop - User Mode (TCP-In) FilePath: %SystemRoot%\system32\svchost.exe ServiceName: termservice
Can you provide some help with this? Several of the built-in rules have both ServiceName and FilePath set. Should I go into Intune after importing and add the ServiceName and FilePath back to the split imported rules (and delete the duplicate)? Or just leave the duplicate rules? Will the Intune Graph API support this at some point?
Should I just do this with a GPO instead of Intune? I need the built-in rules (some of which we have modified) to be deployed to my clients and then set the clients to ignore the current built-in rules.
I apologize if this is not the proper place to ask this question, but I appreciate any help you can provide!
Thank you.
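The post above quotes the migration tool's warning for one rule at a time. Before running the export, it is useful to see up front which rules on the reference client combine a program path, a service name and/or a package family name, since those are the ones the tool reports it has to split. The following PowerShell is an added example written for this page; it is not part of the original post, of Export-FirewallRules.ps1 or of Intune. It uses only the built-in NetSecurity cmdlets (Get-NetFirewallRule, Get-NetFirewallApplicationFilter, Get-NetFirewallServiceFilter) and assumes an elevated session on Windows 8 / Server 2012 or later. The function name Get-SplitCandidateFirewallRule and the treatment of "Any" / empty values as "not set" are this example's own choices.

```powershell
# Added example, not code from the original post or the migration tool.
# Lists firewall rules that set two or more of: program path (FilePath),
# service name (ServiceName), package family name (PackageFamilyName).
# Assumes: NetSecurity module present, elevated PowerShell session.

function Get-SplitCandidateFirewallRule {
    [CmdletBinding()]
    param(
        # 'PersistentStore' = rules stored locally on this machine (what the
        # tool's -includeLocalRules switch covers); 'ActiveStore' = everything
        # currently in effect, including rules delivered by Group Policy.
        [ValidateSet('PersistentStore', 'ActiveStore')]
        [string]$PolicyStore = 'PersistentStore'
    )

    $rules = Get-NetFirewallRule -PolicyStore $PolicyStore -ErrorAction Stop

    foreach ($rule in $rules) {
        # Each rule has exactly one application filter and one service filter.
        $app = $rule | Get-NetFirewallApplicationFilter
        $svc = $rule | Get-NetFirewallServiceFilter

        # Windows reports an unset value as 'Any' (or leaves it empty).
        $hasPath    = [bool]($app.Program -and $app.Program -ne 'Any')
        $hasService = [bool]($svc.Service -and $svc.Service -ne 'Any')
        $hasPackage = [bool]($app.Package -and $app.Package -ne 'Any')

        $setCount = @($hasPath, $hasService, $hasPackage | Where-Object { $_ }).Count

        # Only rules that combine at least two identifiers are of interest here.
        if ($setCount -ge 2) {
            [pscustomobject]@{
                DisplayName       = $rule.DisplayName
                Name              = $rule.Name
                Direction         = $rule.Direction
                Enabled           = $rule.Enabled
                FilePath          = if ($hasPath)    { $app.Program } else { $null }
                ServiceName       = if ($hasService) { $svc.Service } else { $null }
                PackageFamilyName = if ($hasPackage) { $app.Package } else { $null }
            }
        }
    }
}

# Usage: audit the local rule store and show the candidates sorted by name.
Get-SplitCandidateFirewallRule |
    Sort-Object DisplayName |
    Format-Table DisplayName, Direction, Enabled, FilePath, ServiceName, PackageFamilyName -AutoSize
```

Running this on the reference client gives the full list of rules the tool will flag, including the "Remote Desktop - User Mode (TCP-In)" rule quoted above (svchost.exe plus the termservice service). Piping the output to Export-Csv produces a record to compare against what actually lands in Intune after the import, which makes it straightforward to find the split pairs and decide per rule whether to merge, keep or delete them. Use -PolicyStore ActiveStore if the reference machine already receives firewall rules from a GPO and you want those included in the audit.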