User changes are not tracked in the Audit Log
It is not possible to see who created / deleted a user.
It is not possible to see who assigned or revoked a user's permissions.
When a user is created, deleted, or assigned/revoked permissions these changes should be tracked in the Audit Log
Use query to find when user was created, and hope you have atlassian-bamboo.log or catalina.out logs which date back that far. Then you can match the created_date in the database with the timestamp in the log to find the createuser.action to see who created the user.
If a user was deleted, and you know the username, you can search the logs for: