SQL Query [Count the result of a query]

I am trying to send an SQL query in Elasticsearch, and I am not getting the result expected.
I wanna display the number of users that has more than 10 failed authentication, so I am using this query:

SELECT COUNT(*) as result_count 
FROM (
SELECT user.name, COUNT(*) as result 
FROM "winlogbeat-*"  
WHERE event.category = 'authentication'  
AND event.action = 'logon-failed'
GROUP BY user.name
HAVING result > 10
)

I am getting a result like that:

|result_count|
|:----------:|
|     29     |
|     78     |
|     13     |
|------------|

The expected result that I am waiting is:

3

Could you please help me to understand what I am doing wrong to get this unexpected result !

Thanks 🙂