Today is a great day for catching bad guys

For many people in the US, this weekend is extended due to Thanksgiving on Thursday. Bad guys are keenly aware that most smaller shops do not have 24x7 coverage, and that any activity taking place during this period may go unnoticed.

Since there is almost no actual work getting done, this is a great time to hop onto your IDS or SIEM, or load up your logs, and start reviewing them. There should hardly be any noise created by users doing their stuff; all you should be seeing on most parts of your network is unattended automated traffic (backups, patching, NTP, monitoring), and maybe some web site visits on your DMZ servers.

As there shouldn't be much going on, this is the perfect time to go find out what kind of "background chatter" your systems generate, and to look for anomalies. Every flow you see during this window should be explainable by a known job; anything that isn't belongs on a short list for a closer look. You'll be able to more easily spot servers that should have been decommissioned, scripts that serve no purpose, and (if that is a violation of your policy) workstations left on during the break. If malicious traffic is present, there is a very good chance that you'll see traces of it much more clearly than when the network is busy.
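As an added illustration of that review (example code written for this page, not a tool from the original post), the script below takes a small set of constructed flow records from the holiday window, strips out everything that matches an assumed allow-list of known automation, lists the rest grouped by source, destination and port, calls out any workstation-subnet host that was active, and flags connections that repeat at a regular interval. The log format, subnets, IP addresses and the allow-list entries are all assumptions chosen for the example.

```python
"""
Quiet-window log review: during a holiday, every flow should be explainable
by a scheduled job. This example (not from the original post) summarises
what is left over once the known automation is removed.
"""
from collections import Counter, defaultdict
from datetime import datetime
import ipaddress

# Constructed sample flow records: "timestamp src dst dport bytes".
# These are made up for the example; a real run would read a flow or
# firewall export covering the long weekend.
SAMPLE_FLOWS = """\
2023-11-23T02:05:10 10.0.1.20 10.0.2.5 445 88211000
2023-11-23T02:07:44 10.0.1.20 10.0.2.5 445 91004000
2023-11-23T03:00:01 10.0.1.21 192.0.2.10 123 76
2023-11-23T03:00:01 10.0.1.22 192.0.2.10 123 76
2023-11-23T04:12:09 10.0.1.40 198.51.100.7 443 2048
2023-11-23T09:15:30 10.0.5.112 203.0.113.9 443 5300
2023-11-23T09:16:02 10.0.5.112 203.0.113.9 443 5410
2023-11-23T09:16:33 10.0.5.112 203.0.113.9 443 5402
2023-11-23T09:17:05 10.0.5.112 203.0.113.9 443 5388
2023-11-23T13:40:00 10.0.1.99 10.0.2.5 445 1200
"""

# Assumed site knowledge: which subnet holds workstations, and which
# (src, dst, dport) patterns are scheduled automation you already expect.
# "*" as the source means "any host".
WORKSTATION_NET = ipaddress.ip_network("10.0.5.0/24")
KNOWN_AUTOMATION = {
    ("10.0.1.20", "10.0.2.5", 445),      # nightly backup to the file server
    ("*", "192.0.2.10", 123),            # NTP from any host
    ("10.0.1.40", "198.51.100.7", 443),  # AV definition updates
}


def parse_flows(text):
    """Parse the whitespace-separated sample format into dicts."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, nbytes = line.split()
        flows.append({"ts": datetime.fromisoformat(ts), "src": src,
                      "dst": dst, "dport": int(dport), "bytes": int(nbytes)})
    return flows


def is_known(flow):
    """True if the flow matches an allow-listed automation pattern."""
    for src, dst, port in KNOWN_AUTOMATION:
        if (src == "*" or src == flow["src"]) and dst == flow["dst"] \
                and port == flow["dport"]:
            return True
    return False


def review(flows):
    """Return what an analyst should look at: unexplained flows grouped by
    (src, dst, dport), workstations that were active, and periodic talkers."""
    unexplained = Counter()       # (src, dst, dport) -> flow count
    workstations = Counter()      # active workstation -> flow count
    by_pair = defaultdict(list)   # (src, dst, dport) -> timestamps
    for f in flows:
        key = (f["src"], f["dst"], f["dport"])
        by_pair[key].append(f["ts"])
        if ipaddress.ip_address(f["src"]) in WORKSTATION_NET:
            workstations[f["src"]] += 1
        if not is_known(f):
            unexplained[key] += 1

    # Evenly spaced repeats to one destination are either a cron job that
    # belongs on the allow-list or beaconing; either way they need a look.
    # Needs at least three flows, and every gap within 10% of the mean gap.
    periodic = {}
    for key, stamps in by_pair.items():
        if len(stamps) < 3:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = sum(gaps) / len(gaps)
        if mean > 0 and max(abs(g - mean) for g in gaps) <= 0.1 * mean:
            periodic[key] = round(mean)   # seconds between connections
    return {"unexplained": unexplained, "workstations": workstations,
            "periodic": periodic}


if __name__ == "__main__":
    result = review(parse_flows(SAMPLE_FLOWS))
    print("Unexplained flows (src, dst, dport -> count):")
    for key, n in result["unexplained"].most_common():
        print("  ", key, "->", n)
    print("Workstations active during the break:", dict(result["workstations"]))
    print("Periodic talkers (seconds between connections):", result["periodic"])
```

On the sample data the backup, NTP and AV traffic drop out, leaving one workstation talking to an outside host every 32 seconds and a one-off SMB connection from a server nobody scheduled; both are exactly the kind of thing that gets lost in a normal weekday's noise. The periodic check is deliberately strict (every gap within 10% of the mean) so that it only fires on genuinely clock-driven traffic.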

So: spend a half hour or so and look at what your IDS is reporting, check your SIEM for anomalies, and compare the current traffic against your baseline network usage patterns. You might find something interesting!

