In recent years, it has become important for researchers, security incident responders and educators to share network logs, and many log anonymization tools and techniques have been put forth to sanitize this sensitive data source in order to enable more collaboration. Unfortunately, many new attacks have been created, in parallel, that try to exploit weaknesses in the anonymization process. In this paper, we present a taxonomy that relates similar kinds of attacks in a meaningful way. We also present a new adversarial model which we can map into the taxonomy by the types of attacks that can be perpetrated by a particular adversary. This has helped us to negotiate the trade-offs between data utility and trust, by giving us a way to specify the strength of an anonymization scheme as a measure of the types of adversaries it protects against.