@SN1 

To move the apps from one server to another, I recommend using WinSCP or SCP and following the steps I mentioned above.

@SN1 

The procedure was:
- deploy the splunk enterprise to the new server, use the same version you have on the existing server
- tar the entire $SPLUNK_HOME/etc folder from the existing splunk Enterprise security server, but I recommend to stop the splunk service first, just to avoid any change from customers
- Stop the splunk service at new server
- copy the tar file to the new server at $SPLUNK_HOME/etc folder
- Stop Splunk service on the current Splunk Enterprise server
- Copy the bundle file from $SPLUNK_HOME/var/run from the existing server to the new one on the same path. Bundle file should be something like this servername-1570745614.bundle
- Start splunk service on the new server
- Monitor for any error message of lack of configuration issues

Before you run this procedure, stop the existing Splunk server, run a full backup of etc, just to make sure if you the last updated configuration/apps in case you have any issues, you can recover from the point where everything is working properly on the current splunk environment.

@SN1 

It is pretty easy. if you're speaking of a not clustered SH, you have only to copy the Enterprise Security apps from the old SH to new one.

The easiest way it to install the same Splunk and ES on the new SH and copy the entire Splunk etc folder from the old SH to the new one and the end you can upgrade Splunk.

Copy the entire `$SPLUNK_HOME/etc/*` and `$SPLUNK_HOME/var/run` directory space.
Restart Splunk.

This all presumes that you setup Splunk and ES correctly the first time (i.e. all index and summaries are on your indexers).