You have two options:
-create a final deny policy for your test workstation address and add log on session initiation to the policy. This will then log all the denied traffic from that workstation for your review.
-create an allow all policy for your test work station and put this at the bottom of your policy list and enable log on session close for this policy. It will then log all the requests from the workstation normally and you can see what it needs while verifying the service does work.
Once you know the ports and addresses called you can create the narrow policy needed for the application.