There are some basic off-the-shelf solutions (eg Macafee's offering) that can work as a drop in on basic role based access rules, but to gain any value you will need to tune/configure any DLP solution.
What some organisations I work with do is define permissions by user (eg only these 3 individuals are allowed to send attachments out, only those ones can print etc). For this scenario you place your trust in those named users. If they make a mistake, or turn rogue you can still check the logs to see what they sent, but data can leak. At least you have reduced the risk down to just those individuals (or anyone with their credentials)
What others do is attach code words to all key documents, and set the DLP service to trigger on them. Standard mail gateways may have this functionality (I know Mailsweeper and the like do)
A more mature solution is to enforce classifications on all documents - this may be overkill for you just now, but you are at a size where it is manageable, and will become ever more useful as you grow. Using classifications it becomes very easy to deny outgoing secret or internal docs while allowing lower sensitivity ones.
To stay closer to your exact question, all of the above options will log what is sent out - the most appropriate for you if you aren't needing to block may just be to enable logging of all mails sent with attachments at your mail gateway (eg Exchange...)
It would help to give more information on your network setup – Journeyman Geek – 2012-01-11T11:52:16.323
If you want to monitor every possible method of a file transferring out of your network, you will need to be more specific than "etc" – Paul – 2012-01-11T11:54:44.090
I have updated my answer - it has detail on prevention as I misread your question...now it also has a wee bit on logging. – Rory Alsop – 2012-01-11T17:18:33.123