I see that the activity log indicates an attachment was downloaded whenever it is viewed or actually downloaded. It would be useful to be able to set an automation alert that triggered whenever an attachment is viewed/downloaded.
This would help address some security concerns with tracking who has downloaded what.
Perhaps some criteria could included internal or external user or maybe from an published item versus the native item?