This article details the author's development of a Sysmon configuration designed to track Remote Monitoring and Management (RMM) tools using the LOLRMM framework. It outlines the process of testing various installers, sandboxing them, and refining filters to improve detection capabilities. The configuration is a work in progress, with sections already completed and others pending review.