Hi,

I'm using splunk web to check some searches/alerts:

1. | rest /servicesNS/-/-/saved/searches/ splunk_server=local | table title <-- displays a list of saved searches

then I pick one from the list and launch:

2. rest /servicesNS/-/-/saved/searches/alert_without_white_spaces splunk_server=local. <-- and it works

But when querying for a differently named alert I get an error:

3. rest /servicesNS/-/-/saved/searches/alert with white spaces splunk_server=local. <-- does not work
- error message: Error in 'rest' command: Invalid argument: '-'

3a) rest /servicesNS/-/-/saved/searches/'alert with white spaces' splunk_server=local.   <-- does not work
- error message: Error in 'rest' command: Invalid argument: '-'

3b) rest /servicesNS/-/-/saved/searches/"alert with white spaces" splunk_server=local.   <-- does not work
- error message:

• Unexpected status for to fetch REST endpoint uri=https://127.0.0.1:8089/servicesNS/-/-/saved/searches/alert with white spaces?count=0 from server=https://127.0.0.1:8089 - Not Found

3d) rest /servicesNS/-/-/saved/searches/alert\ with\ white\ spaces splunk_server=local. 
- error message: Error in 'rest' command: Invalid argument: '-\'

3e) | eval alert1="alert with white spaces" 
        | rest /servicesNS/-/-/saved/searches/alert1
- error message (splunk didn't use the variable value but the variable name)

• Unexpected status for to fetch REST endpoint uri=https://127.0.0.1:8089/servicesNS/-/-/saved/searches/alert1?count=0 from server=https://127.0.0.1:8089 - Not Found

Is there a way to use variables or to query for a search name containing white spaces without getting an error ?