Yes, you would have to go with one of those two options. You could put a hub (notice, not a switch or router) on the same segment as the server and use a second box to run Snort. Or you could run it on the server. The amount of resources it would take up depends on your setup. Snort can be configured to not take up too much, but then it isn't doing much. It all falls under the second law of thermodynamics: every time you gain something you lose something.
You should look into the Snort configuration logging to MySQL across the network to a different box, and using ACID as your front end. I set this up once just to play with and it was sweet. If I can find the link I'll edit this later.



