Specific commands that can be useful to run:
sudo lsof -Fn / | sed '/n/!d; s/^n//' | sort | uniq | xargs ls -1dF --
— list all currently-open files
sudo netstat -n -l -p | awk '/UNIX domain/{exit} !/127\.0\.0\.1|:.* 0\.0\.0\.0/{print}'
— list all public listening TCP/UDP ports
sudo inotifywaitstats /var/log
— gather statistics about frequently-updated log files
tree -fDrt /var/log
— list recently-updated log files
find /var/log -mmin -120 -type f | xargs ls -lrtF --
— list recently-updated log files
ps auxf
— process tree
TODO — it might be nice to have something like service --status-all
that 1) uses ANSI colors to make it easier to skim, 2) works with both SystemV and systemd [2], 3) is also able to auto-magically figure out 3a) any uids dedicated to that service, 3b) public listening ports for that service, and 3c) maybe even uses lsof
to try to auto-magically determine top-level directories that might be used solely by that service. (TODO — any chance something like this exists already?)