Don't change your tag definitions, change your search. tag=foo looks for any tag named foo, tag::field=foo looks for tags named foo for the specified field only, breaking up the long OR chain.

The point of the question was to not change the search query. I want to keep that part as simple as tag=foo and have that tag expand to the logical equivalent of
'index=foobar AND (host=bar1 OR host=bar2)

I was able to do this with a combination of eventtypes and tagging as suggested by @MuS.

You should add such a requirement to your question.

Are you saying I need to add 'tag::' in front of each of my field/value pairs? E.g. My tag would look like:

tag::index=foobar
tag::host=10.17.41.1
tag::host=10.17.41.2

I just tried this and it didn't work. What I want to be able to do is use the tag to reference this set of field/value pairs, so if I named my tag above 'mytag', my search would be:

splunk> tag=mytag somedata

A little circuitous but this works. Here's what I had to do:

1) Create tag=myhosts
host=10.17.41.1
host=10.17.41.2

2) Create an eventtype=my_index_search_terms that bound the index and the hosts with the AND
search> index=foobar AND tag=myhosts

3) Create a tag aliasing a tag (tag=index_hosts) to the eventtype:
eventtype=my_index_search_terms

So now, when I do a search like:
> tag=index_hosts status=404

It refines that search to only look for events coming from that host in that index.