Specific commands that can be useful to run:
sudo lsof -Fn / | sed '/n/!d; s/^n//' | sort | uniq | xargs ls -1dF -- — list all currently-open files
sudo netstat -n -l -p | awk '/UNIX domain/{exit} !/127\.0\.0\.1|:.* 0\.0\.0\.0/{print}' — list all public listening TCP/UDP ports
sudo inotifywaitstats /var/log — gather statistics about frequently-updated log files
tree -fDrt /var/log — list recently-updated log files
find /var/log -mmin -120 -type f | xargs ls -lrtF -- — list recently-updated log files
ps auxf — process tree
TODO — it might be nice to have something like service --status-all that 1) uses ANSI colors to make it easier to skim, 2) works with both SystemV and systemd [2], 3) is also able to auto-magically figure out 3a) any uids dedicated to that service, 3b) public listening ports for that service, and 3c) maybe even uses lsof to try to auto-magically determine top-level directories that might be used solely by that service. (TODO — any chance something like this exists already?)