I wrote the second command precisely to mean that the firefox profile would have to be reloaded (not as an effort to view log messages directly, but as an intermediate step).
Now as far as I understand: when a profile is in audit mode, security policy will be enforced and apparmor will give a log-message for each action taken by apparmor (permit/deny). The messages are to be found in these files:
The third is possible if "audit" is installed (this remains my doubt). Finally one can check using grep command, messages with "allowed"/"denied" in those files. Perhaps "sudo aa-logprof" will also do. However this last option also updates profile whose implication is not clear to me. Typical response:
Reading log entries from /var/log/messages.
Updating AppArmor profiles in /etc/apparmor.d.