You can launch the GUI from that icon or from the system menu (Internet -> OpenSnitch)
The daemon will start intercepting connections, prompting you to allow or deny them. The default action is to allow them, and if you don't apply an action, after 15 seconds it'll apply the default action configured.
When you open the GUI, you'll see all the connections and processes that has intercepted. Double click on a row to view the details of a process, rule, host or user.
As the default action is to allow outgoing connections, you can let it run for a while (hours, days, weeks), and observe passively what your machine is doing.
To see and modify the rules accumulated so far, click on the OpenSnitch icon in the System Tray. A GUI listing the rules will appear. You can click on each rule and then click on the Trash Can icon to delete it. Or you can click on a rule and right-click on it to modify allow/deny or duration etc. The list may take up to 15 seconds to show the update in the GUI. Note: if you modify the action of a rule (e.g. change from deny to allow), the name of it may not change (e.g. may stay as "deny-...").
Once you know which are the common processes, IPs and hosts that your machine is connecting to, you can start creating permanent rules (Duration: always) to deny or allow them. You can also convert temporary rules to permanent by right-clicking on a temporary rule or by double-clicking on it, and then edit it.
A common practice is to apply a rule of "Least privilege", i.e., block everything by default and allow only those processes or connections that you want to.
Some applications launch external processes, so for example, you may be prompted to allow application A, and just right away asked to allow application B.
This is the case with Epiphany web browser, gnome-maps or snap: https://github.com/gustavo-iniguez-goya/opensnitch/issues/134#issuecomment-772876103
