...
Under Network Destinations set:
To send logs to QRadar via Snare Central:Domain/IP to your Snare Central destination
Port to 6161
Protocol to UDP or TCP (recommended)
Format to SNARE
To send logs directly to QRadar:Domain/IP to your QRadar destination
Port to 514
Protocol to UDP or TCP (recommended)
Format to SYSLOG (RFC3164) or other. LEEF may be use though the Port will require updating.
Under General Destination Hostname Options set:
Select the Host IP As Source checkbox. On saving the page the field Override Hostname will be populated.
Select Update Destinations to save your page settings
Click Apply Configuration & Restart Service menu item to update the registry.
...