diff --git a/pkg/controllers/operator/cilium-crds/endpoint/endpoint_controller.go b/pkg/controllers/operator/cilium-crds/endpoint/endpoint_controller.go
index 0609d28084..ca1a0fb4e2 100644
--- a/pkg/controllers/operator/cilium-crds/endpoint/endpoint_controller.go
+++ b/pkg/controllers/operator/cilium-crds/endpoint/endpoint_controller.go
@@ -533,7 +533,7 @@ func (r *endpointReconciler) handlePodUpsert(ctx context.Context, newPEP *PodEnd
 		// May end up getting another endpoint ID below if we try to create the CEP below.
 		// No downside to this.
 
-		if !k8serrors.IsNotFound(err) && err != nil {
+		if !k8serrors.IsNotFound(err) {
 			r.l.WithError(err).WithFields(logrus.Fields{
 				"podKey": newPEP.key.String(),
 				"pep":    newPEP,
diff --git a/pkg/k8s/watcher_linux.go b/pkg/k8s/watcher_linux.go
index a2627cbc47..8c7fefc3e0 100644
--- a/pkg/k8s/watcher_linux.go
+++ b/pkg/k8s/watcher_linux.go
@@ -2,9 +2,12 @@ package k8s
 
 import (
 	"context"
+	"strings"
 	"sync"
 	"time"
 
+	"k8s.io/apimachinery/pkg/util/runtime"
+
 	agentK8s "github.com/cilium/cilium/daemon/k8s"
 	"github.com/cilium/cilium/pkg/hive/cell"
 	"github.com/cilium/cilium/pkg/ipcache"
@@ -15,8 +18,17 @@ import (
 	"github.com/cilium/cilium/pkg/logging"
 	"github.com/cilium/cilium/pkg/logging/logfields"
 	"github.com/cilium/cilium/pkg/option"
+	"github.com/sirupsen/logrus"
 )
 
+func init() {
+	// Register custom error handler for the watcher
+	// nolint:reassign // this is the only way to set the error handler
+	runtime.ErrorHandlers = []func(error){
+		k8sWatcherErrorHandler,
+	}
+}
+
 const (
 	K8sAPIGroupCiliumEndpointV2 = "cilium/v2::CiliumEndpoint"
 	K8sAPIGroupServiceV1Core    = "core/v1::Service"
@@ -92,3 +104,28 @@ func Start(ctx context.Context, k *watchers.K8sWatcher) {
 	<-syncdCache
 	logger.Info("Kubernetes watcher synced")
 }
+
+// retinaK8sErrorHandler is a custom error handler for the watcher
+// that logs the error and tags the error to easily identify
+func k8sWatcherErrorHandler(e error) {
+	errStr := e.Error()
+	logError := func(er, r string) {
+		logger.WithFields(logrus.Fields{
+			"underlyingError": er,
+			"resource":        r,
+		}).Error("Error watching k8s resource")
+	}
+
+	switch {
+	case strings.Contains(errStr, "Failed to watch *v1.Node"):
+		logError(errStr, "v1.Node")
+	case strings.Contains(errStr, "Failed to watch *v2.CiliumEndpoint"):
+		logError(errStr, "v2.CiliumEndpoint")
+	case strings.Contains(errStr, "Failed to watch *v1.Service"):
+		logError(errStr, "v1.Service")
+	case strings.Contains(errStr, "Failed to watch *v2.CiliumNode"):
+		logError(errStr, "v2.CiliumNode")
+	default:
+		k8s.K8sErrorHandler(e)
+	}
+}