Search to locate users logging in from a different country in the last 90 days

Hi all, 

I am looking for a search which would return results if a user is logging in from a country they haven't logged in from in the last 90 days. Is this possible?

I would like to search across Duo logs. Running the below search would identify all logins from the UK, but wondering if it's possible to only return the users that are logging in from a new country, compared to the last 90 days.

(((_sourceCategory=_DUO)))
| json field=_raw "access_device.location.country"
| where %"access_device.location.country" = "United Kingdom"

Below is a snipped of the log output: