MySQL raises this validation error when an audit log user name starts with a non-alphanumeric character.
ER_AUDIT_LOG_USER_FIRST_CHARACTER_MUST_BE_ALPHANUMERIC appears when a MySQL audit log user name begins with a symbol like _ or $. Rename the account so the first character is a letter or digit to resolve the issue.
ER_AUDIT_LOG_USER_FIRST_CHARACTER_MUST_BE_ALPHANUMERIC
MySQL error 3223 is triggered when you create, alter, or configure an audit log user whose name begins with a character that is not a letter (A-Z, a-z) or digit (0-9). The server validates identifiers during audit log setup and rejects names that do not meet this rule.
The error was introduced in MySQL 5.7.22 as part of stricter auditing safeguards. It affects the mysql.audit_log_user table as well as SET statements that modify the audit_log_user variable.
MySQL parses the supplied user string character by character. If the first byte is not alphanumeric, it aborts the operation and emits SQL state HY000 with code 3223. The validation runs before any privilege or existence checks, so the error surfaces immediately.
The rule only concerns the first character; subsequent characters may include underscore, dollar, or other permitted symbols as long as the overall identifier is valid.
Rename or recreate the audit log account so its name starts with a letter or digit. Ensure the change is reflected in any configuration files, automation scripts, or provisioning logic that writes to mysql.audit_log_user.
If the name is generated dynamically, adjust the generator to prefix a letter such as "u" or "a" when the first produced character is not alphanumeric.
Automated DevOps pipelines often prepend an underscore to system accounts, leading to this error during deployment. Update the template to use a letter prefix.
When migrating from older MySQL versions, existing audit log users beginning with "$" must be renamed before upgrade. Use RENAME USER or DROP and CREATE with an acceptable name.
Adopt a naming convention that always starts user accounts with a lowercase letter. Validate identifiers in CI pipelines to catch violations before they reach production.
Store audit log user management in version-controlled SQL files and run them through a linter that enforces MySQL identifier rules.
Error 1396 (HY000) - Operation CREATE USER failed for 'x'@'y' arises when renaming conflicts with existing accounts. Drop or rename the duplicate.
Error ER_AUDIT_LOG_TABLE_USER_NOT_FOUND appears if the specified audit log user does not exist. Ensure the user is created before assignment.
CI/CD templates often prefix user names with _ for visibility, violating the alphanumeric rule.
Accounts allowed in MySQL 5.6 upgrade to 5.7.22+ without renaming, causing failures during audit log initialization.
Examples using $ or # characters are copied into production code, triggering the validation error.
Random string functions occasionally output a symbol as the first character, which is rejected.
Occurs when attempting to create a user that already exists. Resolve by renaming or dropping the existing user.
Raised when the audit_log_user table references a user account that does not exist in mysql.user.
Happens if the audit log plugin is not installed or tables were not created during upgrade.
No. The restriction applies only to audit log user entries. Regular user accounts may start with _ or $ if desired.
The check is hard-coded in the audit plugin. You must comply with the rule or patch and rebuild MySQL, which is not recommended.
Quoting with backticks or single quotes does not bypass validation. The first character must still be alphanumeric.
Galaxy's SQL editor highlights invalid identifiers in real time and its AI copilot proposes compliant names, preventing the error before execution.
.avif)
.avif){kind=logo}
