Is it possible to dynamically compare fields across distinct events?

I’d like to know if there is a native way in Security Analytics to define a rule that dynamically compares two fields (e.g. event1.fieldX and event2.fieldY) (with compare I mean - for example - equality or inequality, etc.) in separate documents within a time window and triggers an alert if they match.

—Example Use Case—

Goal: Detect the Zerologon exploit by comparing user.name in one Winlogbeat event to host.name in another event.
Window: Within 5 minutes of the original event.

  1. Is there already a native option for this kind of dynamic field comparison?
  2. If not, is it planned for a future release?

Thanks in advance.

@NeisfXd Have you tried correlation rules?