diff --git a/test/falco_k8s_audit_tests.yaml b/test/falco_k8s_audit_tests.yaml
index 2866e991..a206ec73 100644
--- a/test/falco_k8s_audit_tests.yaml
+++ b/test/falco_k8s_audit_tests.yaml
@@ -622,4 +622,13 @@ trace_files: !mux
 - ../rules/k8s_audit_rules.yaml
 detect_counts:
 - K8s Secret Deleted: 1
- trace_file: trace_files/k8s_audit/delete_secret.json
\ No newline at end of file
+ trace_file: trace_files/k8s_audit/delete_secret.json
+
+ fal_01_003:
+ detect: False
+ detect_level: INFO
+ rules_file:
+ - ../rules/falco_rules.yaml
+ - ../rules/k8s_audit_rules.yaml
+ trace_file: trace_files/k8s_audit/fal_01_003.json
+ stderr_contains: 'Could not read k8s audit event line #1, "{"kind": 0}": Data not recognized as a k8s audit event, stopping'
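Review bot: The new case `fal_01_003` carries no hint of what it covers, so a reader has to open the trace file to learn that this is a negative test for malformed audit input. A comment above the key would fix that, for example `# Malformed audit event ("kind" is a number, not a string): expect a parse error on stderr and no detection`; the shape of the input is inferred from the `{"kind": 0}` quoted in `stderr_contains`. The case asserts only `detect: False` and the stderr text, so a run that prints the message and then terminates abnormally would presumably still pass. If the harness offers an exit-status key, pinning it here would make the test cover the clean-stop behaviour as well.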