No objects with incident?

[ChenFryd]

When running

from taxii2client.v21 import Collection
collection = Collection('https://attack-taxii.mitre.org/api/v21/collections/x-mitre-collection--1f5f1533-f617-4ca8-9ab4-6a02367fa019')
objects = collection.get_objects()
print(set([obj["type"] for obj in objects["items"]]))

in the documentation there is ?match[type]=incident,malware in the 3.4 Filtering under the match[<field>].

the output is of the code is:
{'campaign', 'malware', 'x-mitre-data-source', 'x-mitre-data-component', 'identity', 'attack-pattern', 'tool', 'intrusion-set', 'course-of-action', 'marking-definition', 'x-mitre-matrix', 'x-mitre-tactic', 'relationship'}

I don't see any incident here.
Please advise, thanks in advance.

[chisholm]

Looks like the server you're querying contains STIX representations of ATT&CK data. Checking their ATT&CK->STIX mapping, it doesn't look like it includes incident, though I am not an expert in their content. Questions about their content would be better directed to them.

The spec you linked to includes examples which may include a variety of STIX types. A given corpus of STIX content need not include all types.

[ChenFryd]

@chisholm Thank you very much for your input.
May I ask if you know where can I get such reports?