I need a search that can identify when a new TCP session from an IP address is established but the previous TCP session hasn't closed. Below is a mock-up of the raw event data. Lines 1 & 3 are the start and end of the first transaction, but line 2 occurs between them and is from the same source. How can I detect a new transaction from the same source when an existing one hasn't finished?
Line, Source, Destination, TCP Stream, TCP Flag
1, 10.10.10.10, 10.10.10.20, 1, SYN (Start Event)
2, 10.10.10.10, 10.10.10.20, 2, SYN (Start Event) <---- EVENT to detect
3, 10.10.10.10, 10.10.10.20, 1, FIN (End Event)
4, 10.10.10.10, 10.10.10.20, 2, FIN (End Event)
5, 10.10.10.10, 10.10.10.20, 3, SYN (Start Event)
6, 10.10.10.10, 10.10.10.20, 3, FIN (End Event)
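One way to express the check the question asks for, as an added example that is not part of the original post and not a Splunk search: a single ordered pass over the events in Python that keeps the set of streams still open per source address and flags any SYN that arrives while another stream from the same source has not yet seen its FIN. The CSV field names and the sample rows are constructed to mirror the mock-up above.

```python
import csv
from io import StringIO

# Constructed sample, mirroring the mock-up in the question (not real traffic).
SAMPLE_EVENTS = """\
line,src,dst,stream,flag
1,10.10.10.10,10.10.10.20,1,SYN
2,10.10.10.10,10.10.10.20,2,SYN
3,10.10.10.10,10.10.10.20,1,FIN
4,10.10.10.10,10.10.10.20,2,FIN
5,10.10.10.10,10.10.10.20,3,SYN
6,10.10.10.10,10.10.10.20,3,FIN
"""


def find_overlapping_sessions(csv_text, key_fields=("src",)):
    """Return [(line, new_stream, [streams still open])] for every SYN that
    arrives while another stream with the same key (default: source IP) has
    started but not yet ended. Events must already be in time order.
    Pass key_fields=("src", "dst") to only flag overlap toward the same host."""
    open_streams = {}  # key -> {stream id: line it was opened on}
    hits = []
    for row in csv.DictReader(StringIO(csv_text)):
        key = tuple(row[f] for f in key_fields)
        stream = row["stream"]
        flag = row["flag"].strip().upper()
        if flag == "SYN":
            active = open_streams.setdefault(key, {})
            # Ignore a retransmitted SYN for the stream we are opening;
            # any other open stream from this key is the condition to detect.
            overlaps = sorted(s for s in active if s != stream)
            if overlaps:
                hits.append((int(row["line"]), stream, overlaps))
            active[stream] = int(row["line"])
        elif flag in ("FIN", "RST"):
            # Either close flag ends the stream; a FIN for an unknown stream
            # (capture started mid-session) is simply ignored.
            open_streams.get(key, {}).pop(stream, None)
    return hits


if __name__ == "__main__":
    for line, stream, still_open in find_overlapping_sessions(SAMPLE_EVENTS):
        print(f"line {line}: stream {stream} opened while {still_open} still open")
```

Against the sample this reports only line 2 (stream 2 opened while stream 1 was still open); line 5 is clean because streams 1 and 2 both ended before it.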