Do these events have unique value that ties the 4 together? If it does, try this,

... | eval s=case(step="Step 1", 1, step="Step 2", 2, step="Step 3", 3, step="Step 4", 4) | stats list(time) as time list(step) as steps list(s) as s by uniq_val | nomv s | where NOT (s="1 2 3 4") | table time steps

OR if it doesn't try this

... | eval s=case(step="Step 1", 1, step="Step 2", 2, step="Step 3", 3, step="Step 4", 4) | streamstats count reset_after="count=4" | streamstats count(eval(count=1)) as uniq_val | stats list(time) as time list(step) as steps list(s) as s by uniq_val | nomv s | where NOT (s="1 2 3 4") | table time steps