Try adding a Table to your Report, using the drop down select "Event Queries" and then select Signature IDs, add any Filters needed.
This Event Query is going to provide the Rule Message, Signature ID, Source IP, and SUM (Event Count) - Then in your report builder group by Source User.
You should get a Total Count of events per user.
You can do the same thing with the Reporting Queries, but you have to select your own fields to include in the report, and use the "Group By" to have it provide a the SUM.
You may need to tweak things if you have multiple domains, or people logging in locally, etc...