The MT comes with a nice feature that allows you to replace objects in your rules or groups.
This feature is located in the context menu on the security rules, address (and groups) and services (and groups). Right-Click in one Security Rule or one object and select "Search & Replace"
If we select an address for example and then we click on Search & Replace a new window will be opened with the selected object to be searched and see where is used. Press Enter or click on Search to see all the objects that matches that name. Then select from the list the object and this will show us where is used the object, if its a member inside a group, is in what security or nat rules.
We can select from all the locations we found and add to replace by selecting the button "Add to Replace". Open the Tab called Replace and then select again the objects and locations to be replaced by and then select by what object we want to replace. In this example by an address 10.0.0.0-10.255.255.255
After that click on Replace All.
We can replace Invalid Services by the right App-ID as well with this functionality. Let's see how to proceed:
Click on Replace All.
Important: After replace all the Objects you have to recalculate the Used Objects. The tool is not doing every time you replace something to avoid to introduce latency and waiting time to this process. To recalculate the Used Objects just go the Objects Tab and from the bottom bar click on the green Ballon.
This process can introduce new cloned rules and sometimes this can be an issue due a duplicated rule names, the cloned rules will hace the prefix "Cl-" plus the rule name. You can check for duplicated rule names and remediation from this other document: How To: Search Duplicated Rules by Name
Hope this helps