How would i report for a year if on a montly basis user x logged in once or more then once.

the table shall look like this:

                     singe login                multiple logins
January                   5                               1
February                  20                              9
...

So far i rather clumsily build up an aproximate result like this:

| stats count(CN) by date_month,CN 
| rename count(CN) AS freq 
| eval frequency=if(freq>1,"multiple logins","single login") 
| stats count(CN) by frequency,date_month