Of course it will work, but it's not what they are trying to do.... they don't want to go into the saved search and keep changing it.

Ok but you asked "Ability to add to search without re-running entire search?... I've been asked if there is a way to add/extend a search without re-running it in it's entirety. "

Yes, from the search bar. Splitting hairs here... (hah!). The above method works better for me.

@jkat54 - I think you misunderstood. @a212830 was looking for a way to essentially play with cached results. In other words, consider a long running search that you're creating, then you want to add one tweak to it and you're left with rerunning the entire thing which could take so long that it's impractical. Instead, you can run a base search and then manipulate it's results in various ways without re-pulling the raw data from the indexers. I hope that clarifies why the other answer was accepted. Two different interpretations to the question.

Thanks, he clarified. Just leaving this here in case someone is looking for the other solution

That's exactly what they are trying to avoid...

Want to run an interactive search and then easily reference the output of that data and possibly modify the search, without running against an entirely new dataset.

+1 to the | loadjob. For long running searches, I use that a ton. Run once, find the sid (job inspector or the url) and then use | loadjob <sid> to manipulate the results without having to rerun. Great for ad-hoc analysis whereas a savedsearch or csv approach requires creating other knowledge objects and remembering to cleanup (not the case with loadjob).
http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Loadjob

Was just thinking... what about datasets? Does any functionality in that help in this situation?

I'll be honest there; I have not played with that stuff yet.

Thanks! Had not thought of the eventtype one... that's a good one.