I have an example query where I show the elapsed time for all log lines where detail equals one of three things, and I show the stats of the elapsed field:

normalized_source=http_plugin (detail=/online/public/userIdentify OR detail=/online/successfulLogin OR detail=/online/home) | 
stats avg(elapsed), median(elapsed), p90(elapsed) by detail

So an issue I run into is it matches both where detail equals "successfulLogin" as well as "successfullogin" (with a second lowercase L). The "successfullogin" exists in the logs because of tests done against the production environment, but doesn't reflect useful data. In fact, there are only 2 or 3 logs of the "successfullogin" whereas there are 40,000+ of all the other. I'd like to remove that result so I just show the three, because I am interested in the visualization of this (and I don't want a random 4th result). There are 3 ways I could go about this:
1. Limit the results to three
2. Make the detail= case sensitive
3. Show only the results where count is greater than, say, 10.

I don't really know how to do any of these (I'm pretty new to Splunk). I have tried option three with the following query:

normalized_source=http_plugin (detail=/online/userIdentify OR detail=/online/successfulLogin OR detail=/online/home) | stats count, avg(elapsed), median(elapsed), p90(elapsed) by detail | where count > 10

However, this includes the count field in the results. This is fine except when I turn this into a bar chart, the count column skews the other values (since it is so much larger). How could I redo that query to omit the count field?

(And for extra credit, how would I redo the first query to do option 1 and 2? I keep trying to modify the query and does not give me the expected results.)