Surprised you didn't mention it, but I use an extended events session that I leave running to capture the login and source (among a few others) for a lock_acquired event. I filter by database and I filter out our maintenance and sysadmin accounts.