While an agent is disconnected, it will stop monitoring the log files configured to monitor, and therefore, it should only lose the logs that were being sent at the same moment that the communication got interrupted, independently of the buffer. The time that the agent can verify its disconnection and stop monitoring files will be much shorter when using the TCP protocol, and therefore, the logs loose would be decreased.
All the new logs ingested into the log file while the agent is disconnected should be sent to the Manager side once the agent reconnects.
You could perform a test by monitoring a specific log file, disconnecting the agent, then introducing new log lines to the monitored file, and monitoring the archives.json once the agent reconnects. You should be able to verify that all the logs ingested during the disconnection were sent once it reconnected.
I hope this helps.
Jose Manuel Lopez