I would do it this way:

1) Stop the search heads.

2) From the cluster master, shut down the cluster. Shut down the cluster master.

3) Shut down the deployment server.

For disk:

As you shut each system down, back up the disks and transfer the data to the new system. Or reassign the disk, or whatever you plan to do to migrate the environment. It will be easiest if the new environment has the same disk volumes and labels, although the underlying hardware can be different. There is nothing in the Splunk configuration files that is specific to the Windows hardware. But there are file paths in the configuration files. The most important is the location of the indexes in indexes.conf. You should check all copies of indexes.conf in the environment and make sure that the paths are correct for the new environment.

You should also keep the same directory structure for Splunk in the new environment, as there may be some configuration files (scripted inputs and alerts, for example) that could have absolute or relative path names that would be wrong if the directory structure was changed. (Or you can look through all the files and edit...)

For machine names/IP addresses:

It will be far simpler if you keep the same machine names and IP addresses on the new hardware as on the old VMs. If not, then you need to look through all the configuration files for this information and change it on each machine.

I can't think of anything else that needs to be changed. As the machines are migrated, bring them up in this order.

1) cluster master

2) indexers

3) search heads

4) deployment server

5) From the cluster master, redeploy the configuration bundles, just to make sure all indexers are up to date. This may happen automatically as you restart the indexers, but I added this step just to be sure.

There are variations on this order, and other ways to do it. But this should work.