I'm on a POC and network traffic shows lots of TCP and UDP unknown in software services.
I know DCRUM has a Port Finder system but not quite sure how to tune the parameters to get the proper result. Should I decrease the value of "Min. number of sessions" and "Min. volume to monitor " so that DCRUM can put the traffic into "tracked"?
There are no "good" values for these settings as it depends on the environment you're in. PortFinder is intended to find candidates for Software Services that the customer is not aware and you just did not configured it as regular Software Service.
Also take a look at Configuring and Fine-Tuning the Port Finder