diff --git a/plugins/k8saudit-eks/CHANGELOG.md b/plugins/k8saudit-eks/CHANGELOG.md
index f09dd06a..d6a34f88 100644
--- a/plugins/k8saudit-eks/CHANGELOG.md
+++ b/plugins/k8saudit-eks/CHANGELOG.md
@@ -1,19 +1,21 @@
 # Changelog
-## v0.2.1
+## v0.3.0
+
+* Ignore truncated log lines to avoid parsing errors
+## v0.2.1
 ## v0.2.0
+* Upgrade the `plugin-sdk-go` for the plugin framework >3.0.0
 ## v0.1.2
-
 ## v0.1.1
 * [`e9a1ef4`](https://github.com/falcosecurity/plugins/commit/e9a1ef4) docs(plugins/k8saudit-eks): document required aws iam permissions
-
 ## v0.1.0
 * [`fa60639`](https://github.com/falcosecurity/plugins/commit/fa60639) update(plugins/k8saudit-eks): point k8saudit dependency to latest stable tag
diff --git a/plugins/k8saudit-eks/README.md b/plugins/k8saudit-eks/README.md
index b0c652d0..adf1d4d4 100644
--- a/plugins/k8saudit-eks/README.md
+++ b/plugins/k8saudit-eks/README.md
@@ -258,3 +258,8 @@ serviceAccount:
   annotations:
     - eks.amazonaws.com/role-arn: arn:aws:iam::${ACCOUNT_ID}:role/${ROLE} #if you use an OIDC provider, you can attach a role to the service account
 ```
+Note the three placeholders REGION, ACCOUNT_ID, and CLUSTER_NAME which must be replaced with fitting values.
+
+### Warning
+
+AWS Cloudwatch Logs truncates log lines with more than 10,000 characters, as these lines can't be parsed by the plugin they are ignored and some events may be missed.
diff --git a/plugins/k8saudit-eks/pkg/k8sauditeks/k8sauditeks.go b/plugins/k8saudit-eks/pkg/k8sauditeks/k8sauditeks.go
index 81d2c582..5181ac05 100644
--- a/plugins/k8saudit-eks/pkg/k8sauditeks/k8sauditeks.go
+++ b/plugins/k8saudit-eks/pkg/k8sauditeks/k8sauditeks.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"strings"
 	"time"
 	"github.com/falcosecurity/plugin-sdk-go/pkg/sdk"
@@ -58,7 +59,7 @@ func (k *Plugin) Info() *plugins.Info {
 		Name: pluginName,
 		Description: "Read Kubernetes Audit Events for EKS from Cloudwatch Logs",
 		Contact: "github.com/falcosecurity/plugins",
-		Version: "0.2.1",
+		Version: "0.3.0",
 		EventSource: "k8s_audit",
 	}
 }
@@ -138,6 +139,10 @@ func (p *Plugin) Open(clustername string) (source.Instance, error) {
 		for {
 			select {
 			case i := <-eventsC:
+				message := *i.Message
+				if strings.Contains(message, "[Truncated...]") {
+					continue
+				}
 				values, err := p.Plugin.ParseAuditEventsPayload([]byte(*i.Message))
 				if err != nil {
 					p.Logger.Println(err)
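Review bot: `strings.Contains(message, "[Truncated...]")` in the Open hunk matches the marker anywhere in the event, so a complete audit event whose request body, annotation or resource name happens to carry that literal is dropped too; audit payloads contain caller-supplied content, so this widens the set of events that can go missing beyond the CloudWatch truncation the commit is targeting. If CloudWatch only ever appends the marker at the end of a truncated line, `strings.HasSuffix(strings.TrimSpace(message), "[Truncated...]")` is the tighter test. The skip is also silent while the parse-error branch right below logs, so an operator gets no signal that events were excluded; a log line or counter, e.g. `p.Logger.Println("ignoring truncated CloudWatch log event")`, keeps the gap visible. Minor: `message` is introduced but the next line still dereferences `*i.Message`; passing `[]byte(message)` avoids the second dereference. Open's body starts and ends outside the hunk.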