At my last job when I got bored I would simply watch my DNS servers as they resolved. Since I had a list of who had what address I could often catch people in 'real time' surfing to sites they shouldn't. If you want to hear someone freak out call them up about 30 seconds after logging into a porn site at work and say "Why are you logged into www.big****.com?" Oh....you should hear them scramble and stammer.

If DNS didn't catch them, Packeteer would, or Symantec Web Security, or occassionally--if there was an extremely high volume of traffic-- I'd see it in my firewall or IDS logs and look it up.

I'm sure that some stuff got past me, because to be honest, I didn't really care to be the internet police. But the number of people I busted was unbelievable.

Go ahead and clean your local logs. Won't do you a bit of good.