Snort mailing list archives

newbie ? about tcp packet collection for specific ip


From: Janet Norton <cjnorton () fmtc net>
Date: Mon, 03 May 2004 11:11:22 -0400

Before I spend too much time playing around with snort, I wonder if someone can confirm whether snort would meet my 
needs for a specific application.  I need a non-interactive process which will monitor a small network at the company to 
intercept tcp traffic going to a printer.  This process would run continuously, but once the tcp printer traffic is 
detected a different program would be initiated to process the data.

Currently I have been playing with a perl script which continuously executes tethereal every 60 sec, and I process the log 
for data of interest.
tethereal.exe -f "dst 149.59.152.28" -a duration:60 -w outfile

I wondered if I could use snort and create a specific rule file for tcp traffic (maybe to include only tcp port 515 
packets)?  My expectation is the log file would only be created when tcp traffic to printer occurs, and the content of 
tcp stream is present in log.  If I could start snort in daemon mode and have it constantly append to log, then I could 
have another program running which monitors log and when new data is present, processes the data.  

Please confirm if snort could work in this manner, and if so can you provide the correct syntax for snort and the rule 
using the detail I provided above.  Any suggestions are appreciated.  THANKS!
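The Snort 2 side of this is a single log rule such as `log tcp any any -> 149.59.152.28 515 (msg:"LPD to printer"; sid:1000001; rev:1;)` in a rules file, run with `-b` so matched packets are written in libpcap (tcpdump) format; the following is an added example, not from this thread, of the "other program" the poster describes: a pure-Python reader that pulls the TCP payloads addressed to the printer on port 515 out of such a log, using a constructed sample capture (not real traffic) so it runs offline.

```python
import struct

PRINTER_IP = "149.59.152.28"  # printer address from the post
LPD_PORT = 515                # LPD / lpr printing port
def iter_pcap_packets(data):
    """Yield (timestamp, frame) from a libpcap byte string; handles both byte orders."""
    magic = data[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a libpcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:  # DLT_EN10MB (Ethernet) only
        raise ValueError("unsupported link type")
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        yield ts_sec + ts_usec / 1e6, data[off:off + incl_len]
        off += incl_len

def lpd_payloads(data):
    """Return the TCP payloads of frames addressed to PRINTER_IP on LPD_PORT."""
    out = []
    for _ts, pkt in iter_pcap_packets(data):
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:  # IPv4 + TCP only
            continue
        dst = ".".join(str(b) for b in pkt[30:34])
        tcp = pkt[14 + (pkt[14] & 0x0F) * 4:]  # skip Ethernet + IP header (IHL)
        dport = struct.unpack("!H", tcp[2:4])[0]
        doff = (tcp[12] >> 4) * 4  # TCP data offset in bytes
        if dst == PRINTER_IP and dport == LPD_PORT and len(tcp) > doff:
            out.append(tcp[doff:])
    return out

def build_sample_pcap():
    """Constructed capture (not real traffic): one LPD job request plus one unrelated HTTP packet."""
    def frame(dst_ip, dport, payload):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 5]), bytes(int(o) for o in dst_ip.split(".")))
        tcp = struct.pack("!HHIIBBHHH", 40000, dport, 1, 1, 0x50, 0x18, 8192, 0, 0)
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
    pkts = [frame(PRINTER_IP, LPD_PORT, b"\x02lp\n"), frame("10.0.0.9", 80, b"GET / HTTP/1.0\r\n")]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header, Ethernet
    recs = b"".join(struct.pack("<IIII", 1083597082, 0, len(p), len(p)) + p for p in pkts)
    return hdr + recs
```

To use it against a real Snort binary log, read the file with `open(path, "rb").read()` and pass the bytes to `lpd_payloads`; the unrelated HTTP packet in the sample shows that anything not addressed to the printer on port 515 is dropped.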
